Router log - when to delete?

  john bunyan 10:02 27 Sep 2013
Locked
Answered

I have a new Netgear DGND 4000 N750 router that has bedded in quite well ( a few issues with slow I Pad speed, dealt with now). In the router's event log there are dozens of (presumably foiled) DOS (Denial of Service) attacks. I assume these are normal for a router's firewall? Can I clear the log as there are many daily entries? I was advised by a Talk Talk Guru to use wireless channel 11, which seems to work well.

  Batch 13:43 27 Sep 2013
Answer

Depends whether you are going to investigate the DoS attacks. If you are just going to accept that the router's firewall has dealt with them, then you might as well get rid off.

  john bunyan 14:54 27 Sep 2013

Batch

There are so many attempts that I suspect it is routine and maybe those who do not look at router logs never see them. I think it would be not worth trying to trace the attackers. I would have thought this is a well known issue but I can't remember seeing it aired here. I will delete to make room for the next lot!

  john bunyan 15:00 27 Sep 2013

I do not use any P2P programmes that may sometime be a cause. I found this on the "bleeping computer" site from someone with a similar problem:
" No i think these are simple port scans being performed on your computer, as well has 100s of thousands per night. Basically script kiddies run tools that scan large portions of IP space in hopes of finding vulnerable targets. Your firewall software is seeing them, blocking them, and stating that they are a possible ddos attack. They can most likely be ignored."

I will delete and keep an eye on it.

  Batch 18:04 27 Sep 2013

Can't say I recall seeing any sustained DoS traffic on my router.

If you have a dynamic IP address, restarting the router (or simply disconnecting and reconnecting from within the router) should give you a different IP which may ameliorate the issue. But whoever is doing it maybe attacking ranges (of IPs) associated with your ISP.

Not all routers even give much in the way of meaningful logs (so others may be getting DoS attacks and would be unaware even if they looked on the router)

If you can turn off Universal Plug & Play in the router I would (as you don't do any P2P programmes).

  john bunyan 18:59 27 Sep 2013

Batch

Thanks, I have a fixed IP address but presumably other bits of my set up have others? I do not know. I see quite a few posts about Netgear routers in particular; the DGND 4000 N750 is quite a sophisticated one I think. I will follow up your suggestion. Perhaps, indeed, these DoS attacks pass unnoticed by those who do not delve into router logs.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Xiaomi Mi Mix 2 review

What went wrong at the Designs of the Year 2017

iPhone X news: Release date, price, new features & specs

Comment utiliser Live Photos ?