Jump to content

Free help from tech experts
Welcome to Geeks to Go forums. Create an account now to gain access to all our features. Once registered and logged in, you will be able to create topics, post replies to existing topics, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. Best of all, registration and all assistance is 100% free! This message, and all ads will be removed once you have signed in.
Sign In Create Account

Netgear Router Log DOS attacks?


  • Please log in to reply

#1
wtfwtfwtf

wtfwtfwtf

    New Member

  • Member
  • Pip
  • 1 posts
I remember when I used to look at the router logs for my wireless router I would see the name of websites visited from people who were using my wireless signal. There is supposed to only be one person using my wireless signal as I am using a ethernet cable attached to the router. When I click "attached devices" it only shows me and one other person, however the log seems to show there is more than one person attached besides the two of us.

I am semi-computer literate but obviously semi-retarded because this router log is all a foreign language to me. So here is the log, if anyone can make some sense of it for me I would appreciate it. I guess I am mainly worried about the Denial Of Service Attacks but I would also like to know why the log doesn't read like it did last time I checked. Now that I think about it I don't know what I should be worried about.



I am pretty sure the only "attached devices" are supposed to be


ME[DHCP IP: 192.168.1.3] to MAC address 00:0d:9d:5e:9a:xx, Monday, March 29,2010 21:05:49
GUY USING MY WIRELESS[DHCP IP: 192.168.1.4] to MAC address 00:21:63:bb:87:xx, Monday, March 29,2010

I have no idea who this is supposed to be. Or like I said maybe I am just retarded.

[DHCP IP: 192.168.1.5] to MAC address 00:24:8d:d2:3c:xx, Monday, March 29,2010 23:43:06

March 30,2010 14:18:36
[DoS Attack: RST Scan] from source: 75.21.100.39, port 4078, Tuesday, March 30,2010 13:01:56
[DHCP IP: 192.168.1.5] to MAC address 00:24:8d:d2:3c:xx, Tuesday, March 30,2010 11:43:07
[Time synchronized with NTP server] Tuesday, March 30,2010 10:49:43
[DoS Attack: RST Scan] from source: 217.119.54.143, port 45707, Tuesday, March 30,2010 09:18:31
[DoS Attack: RST Scan] from source: 118.136.244.67, port 1082, Tuesday, March 30,2010 07:00:37
[DoS Attack: ACK Scan] from source: 65.55.87.123, port 80, Tuesday, March 30,2010 05:46:01
[DHCP IP: 192.168.1.4] to MAC address 00:21:63:bb:87:xx, Tuesday, March 30,2010 05:45:42
[DoS Attack: ACK Scan] from source: 65.55.87.123, port 80, Tuesday, March 30,2010 05:45:42
[DHCP IP: 192.168.1.4] to MAC address 00:21:63:bb:87:xx, Tuesday, March 30,2010 05:43:42
[UPnP set event: del_nat_rule] from source 192.168.1.5, Monday, March 29,2010 23:44:59
[UPnP set event: add_nat_rule] from source 192.168.1.5, Monday, March 29,2010 23:43:07
[DHCP IP: 192.168.1.5] to MAC address 00:24:8d:d2:3c:xx, Monday, March 29,2010 23:43:06
[DHCP IP: 192.168.1.3] to MAC address 00:0d:9d:5e:9a:xx, Monday, March 29,2010 21:05:49
[DHCP IP: 192.168.1.4] to MAC address 00:21:63:bb:87:xx, Monday, March 29,2010 20:56:25
[DHCP IP: 192.168.1.3] to MAC address 00:0d:9d:5e:9a:xx, Monday, March 29,2010 15:11:52
[DoS Attack: FIN Scan] from source: 83.30.6.104, port 49547, Monday, March 29,2010 14:40:04
[Time synchronized with NTP server] Monday, March 29,2010 10:49:42
[DHCP IP: 192.168.1.4] to MAC address 00:21:63:bb:87:xx, Monday, March 29,2010 06:20:28
[DHCP IP: 192.168.1.3] to MAC address 00:0d:9d:5e:9a:xx, Monday, March 29,2010 02:35:42
[DoS Attack: ACK Scan] from source: 65.55.183.7, port 80, Sunday, March 28,2010 21:12:01
[DoS Attack: FIN Scan] from source: 97.113.145.180, port 61578, Sunday, March 28,2010 20:24:01
[DoS Attack: ACK Scan] from source: 162.95.222.239, port 443, Sunday, March 28,2010 17:32:09
[DoS Attack: RST Scan] from source: 12.130.102.24, port 443, Sunday, March 28,2010 15:59:00
[Internet connected] IP address: 67.162.132.xxx, Sunday, March 28,2010 15:31:43
[DHCP IP: 192.168.1.3] to MAC address 00:0d:9d:5e:9a:xx, Sunday, March 28,2010 14:24:59
[Time synchronized with NTP server] Sunday, March 28,2010 10:49:41
[DHCP IP: 192.168.1.4] to MAC address 00:21:63:bb:87:xx, Sunday, March 28,2010 09:45:02
[DoS Attack: ACK Scan] from source: 65.54.95.13, port 80, Sunday, March 28,2010 08:35:09
[DHCP IP: 192.168.1.5] to MAC address 00:24:8d:d2:3c:xx, Sunday, March 28,2010 02:24:52
[DHCP IP: 192.168.1.3] to MAC address 00:0d:9d:5e:9a:xx, Saturday, March 27,2010 23:44:31
[UPnP set event: add_nat_rule] from source 192.168.1.5, Saturday, March 27,2010 23:16:24
[DHCP IP: 192.168.1.5] to MAC address 00:24:8d:d2:3c:xx, Saturday, March 27,2010 23:16:23
[DHCP IP: 192.168.1.3] to MAC address 00:0d:9d:5e:9a:xx, Saturday, March 27,2010 23:06:35
[DHCP IP: 192.168.1.4] to MAC address 00:21:63:bb:87:xx, Saturday, March 27,2010 21:45:00
[DoS Attack: RST Scan] from source: 216.252.125.65, port 443, Saturday, March 27,2010 18:33:01
[DHCP IP: 192.168.1.3] to MAC address 00:0d:9d:5e:9a:xx, Saturday, March 27,2010 11:06:34
[DoS Attack: ACK Scan] from source: 174.140.157.25, port 80, Saturday, March 27,2010 10:50:18
[Time synchronized with NTP server] Saturday, March 27,2010 10:49:40
  • 0

Similar Topics: Netgear Router Log DOS attacks?     x


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 12,814 posts
  • MVP
I wouldn't worry about the DoS attacks. The Internet is full of infected computers trying to infect others. What I would worry about is other people using your wireless and possibly changing the configuration. There should be no one else other than the one you know about and it appears you have a neighbor using your wireless without permission and making changes to the router's config. Set the router back to default then m ake sure you are using encryption on the wireless link and change the default passwords on your router to something else.

Ron
  • 0




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

featured