router security and probing
I thought this might be of interest and use.
I use a netgear dg834 adsl-router which provides broadband access for two pcs on a LAN.
I've been runing this set up for a couple of months; the equipment being powered up for 16 hours a day.
Every day the router would email me with security warnings, on average about 15 or more, taking the form:
(Iv'e "x-ed" out what may be personal data. My routers IP address or pcs behind the router)
TCP Packet - Source:8xx.1xx.3x.9x,4152 Destination:xx.xx.xx.xxx,6129 - [DOS]
TCP Packet - Source:8xx.1xx.8x.1x5,3224 Destination:xx.xx.xx.xxx,3410 - [DOS]
UDP Packet - Source:212.xx.xxx.34,5004 Destination:xxx.xxx.x.x,2652 - [DOS]
UDP Packet - Source:212.xx.xxx.34,5004 Destination:xxx.xxx.x.x,2652 - [DOS]
I gather these are probes of my equipment from the internet, either from other peoples infected machines or by malicious individuals. But your router is supposed to keep you safe, isn't it? by providing a hardware firewall. Well I've had no problems to speak of, but the router has occasionally locked up.(maybe the router has not been protecting itself on the WAN side?)
Visiting the "shields-up" site I found that I did not have full stealth mode and many of my computers ports were visible, but closed. Maybe the fact that they are visible invites probing?
But, interestingly, after upgrading my netgear dg834 router's firmware from 1.01.00 to 1.05.00, I now find that I do have full stealth mode when I visit "shields-up". Also the router no longer emails me with any security warnings (about unsolicited packets anyway).
Your thoughts appreciated.
I use a netgear dg834 adsl-router which provides broadband access for two pcs on a LAN.
I've been runing this set up for a couple of months; the equipment being powered up for 16 hours a day.
Every day the router would email me with security warnings, on average about 15 or more, taking the form:
(Iv'e "x-ed" out what may be personal data. My routers IP address or pcs behind the router)
TCP Packet - Source:8xx.1xx.3x.9x,4152 Destination:xx.xx.xx.xxx,6129 - [DOS]
TCP Packet - Source:8xx.1xx.8x.1x5,3224 Destination:xx.xx.xx.xxx,3410 - [DOS]
UDP Packet - Source:212.xx.xxx.34,5004 Destination:xxx.xxx.x.x,2652 - [DOS]
UDP Packet - Source:212.xx.xxx.34,5004 Destination:xxx.xxx.x.x,2652 - [DOS]
I gather these are probes of my equipment from the internet, either from other peoples infected machines or by malicious individuals. But your router is supposed to keep you safe, isn't it? by providing a hardware firewall. Well I've had no problems to speak of, but the router has occasionally locked up.(maybe the router has not been protecting itself on the WAN side?)
Visiting the "shields-up" site I found that I did not have full stealth mode and many of my computers ports were visible, but closed. Maybe the fact that they are visible invites probing?
But, interestingly, after upgrading my netgear dg834 router's firmware from 1.01.00 to 1.05.00, I now find that I do have full stealth mode when I visit "shields-up". Also the router no longer emails me with any security warnings (about unsolicited packets anyway).
Your thoughts appreciated.
0
Comments