Samsung Galaxy S8 review
Not an item I'd paid attention to before, but since setting up a wireless network, I thought I'd keep an eye on the router's security log.
At the start, there were no DoS Log entries at all.
Then there were 3 [HOST Attack; UPD Flood} ending with [Drop], lasting for 9 seconds.
Then there 32 mainly [UPD Flood} - - [Drop], but also a couple of [HOST Attack; UPD Flood} - - [Drop].
The 1st bunch took place for 51 seconds, then 2 bunches of 2 sec duration a piece.
Is this something to be concerned about?
On cable broadband.
Wireless setup; SSID broadcast disabled, Router ping disabled, WPA-PSK.
ICMP ping is blocked, NAT enabled, but I have not specified that only 1 specific IP address can access port 80 to the router. Oh, and no device is specified nor connected to the DMZ either.
Client device s/w firewalls set to allow a standard range of client IP addresses.
No virtual servers setup & MAC addresses are also set.
Seems fairly safe then, Danoh.
I wouldn't worry about it, unless any of your PCs exhibit strange DDoS-like behaviour. I don't think that you have been hacked, at least not successfully.
Much appreciated (from a 2-wk newbie!);
Once my kit placement has stabilised (pre-N client adapter issue still being resolved for 1 PC), I intend to set the IP for the PC connected via Ethernet cable, to be the only one able to access the Router's config page (password protected at the mo').
I have changed the SSID once already (mistakenly via wireless rather then wired!), but its a pain having to reset it on all clients as well.
Is there any advantage to specifying specific client WLAN's IPs rather then just a range?
From the timings of each DoS log entry, they seem more like probes. Just wondering if there's anything in my setup which might be attracting them.
With WLAN kit apparently always using the standard set of IPs, isn't there benefit to changing them?
I mean, they always seem to be 126.96.36.199 or 188.8.131.52 Why not set them as something completely different as its only the ISP's (usually dynamic) IP assigned/cloned for the router that counts for the WAN?
AFAIK they have to be in the router's range, and they are definitely best left to DHCP rather than manual assignment. Doing it manually is something that is generally only done to cure problems.
Don't forget to set up MAC filtering; it'll be the same as on my router, so if you need to know more info about that, let me know.
Here I go in my 3rd wk of WLAN and I want to tweak the NAT range embedded within router firmware! Foolhardy or what?!
I can't help but reason that as the range of IP addresses within the WLAN is entirely localised, one could theoretically set any IP address within the addressing capability of the hardware.
I've got MAC filtering set, but I have the non-wireless MAC addresses for the PC added as well as the wireless components/adapters, as I was unsure in my initial setting up.
There's no harm in having the wired PC's MAC in the list as well, though you don't need it.
This thread is now locked and can not be replied to.