PDA

View Full Version : router security and probing


Dogpigboy
11-14-04, 10:09 AM
not sure if this is the right group but...

I thought this might be of interest and use.

I use a netgear dg834 adsl-router which provides broadband access for two pcs on a LAN.
I've been runing this set up for a couple of months; the equipment being powered up for 16 hours a day.

Every day the router would email me with security warnings, on average about 15 or more, taking the form:

(Iv'e "x-ed" out what may be personal data. My routers IP address or pcs behind the router)

TCP Packet - Source:8xx.1xx.3x.9x,4152 Destination:xx.xx.xx.xxx,6129 - [DOS]

TCP Packet - Source:8xx.1xx.8x.1x5,3224 Destination:xx.xx.xx.xxx,3410 - [DOS]

UDP Packet - Source:212.xx.xxx.34,5004 Destination:xxx.xxx.x.x,2652 - [DOS]

UDP Packet - Source:212.xx.xxx.34,5004 Destination:xxx.xxx.x.x,2652 - [DOS]

I gather these are probes of my equipment from the internet, either from other peoples infected machines or by malicious individuals. But you router is supposed to keep you safe isn't it? by providing a hardware firewall. Well I've had no probles to speak of, but the router has occasionally locked up.(maybe the router has not been protecting itself on the WAN side?)

Visiting the "shields-up" site I find that I do not have full stealth mode and many of my computers ports are visible but closed. Maybe the fact that they are visible invites probing?

But, interestingly, after upgrading my netgear dg834 router's firm ware from 1.01.00 to 1.05.00, I now find that I do have full stealth mode when I visit "shields-up". Also the router no longer emails me with any security warnings.

rewt
11-19-04, 01:33 AM
DOS, in this aspect, stands for Denial Of Service. Thus it could explain why your router was locking up. Glad you got it fixed :)