Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[DilzX]

Hey guys

I've been having frequent disconnections. Router log shows the following


First Page Last Page Previous Next Page Clear Link To Log Settings
Page 1 of 20

Time and Date   Message
Jan 09 16:06:31   Per-source ACK Flood Attack Detect (ip=216.58.196.110) Packet Dropped
Jan 09 16:06:31   Whole System ACK Flood Attack from WAN Rule:Default deny
Jan 09 16:06:31   Whole System ICMP Flood Attack from WAN Rule:Default deny
Jan 09 16:05:31   Port Scan Attack Detect (ip=216.58.196.101) Packet Dropped
Jan 09 16:05:31   Per-source ACK Flood Attack Detect (ip=216.58.196.101) Packet Dropped
Jan 09 16:05:31   Whole System ACK Flood Attack from WAN Rule:Default deny
Jan 09 16:05:31   Whole System ICMP Flood Attack from WAN Rule:Default deny
Jan 09 16:04:31   Per-source ACK Flood Attack Detect (ip=216.58.220.34) Packet Dropped
Jan 09 16:04:31   Whole System ACK Flood Attack from WAN Rule:Default deny
Jan 09 16:04:04   DHCP lease IP 192.168.0.101 to android-14a806d9d4d2cc22 c0-ee-fb-30-34-02



What does it mean, is it a problem with the router or is it a virus on the PC..?

[RYAT3]

This ip's look like they are Google

https://www.findip-address.com/216.58.196.101

[RYAT3]

You should Google the log messages.

This guy here said it only starts after turning on his laptop.
 
http://security.stackexchange.com/questions/53765/router-detecting-port-scan-and-ack-flood-attack

[FurryNutz]

Link>Welcome!

• What Hardware version is your router? Look at sticker under the router case.
• Link>What Firmware version is currently loaded? Found on the routers web page under status.
• What region are you located?

Internet Service Provider and Modem Configurations

• What ISP Service do you have? Cable or DSL?
• What ISP Modem Mfr. and model # do you have?

In most cases its the routers firewall reporting and doing it's job. If your having disconnections due to it, I recommend contacting your ISP service and have them help you with it. Ask for a different WAN IP address coming from the modem. Have them help you monitor the attacks.

Hey guys

I've been having frequent disconnections. Router log shows the following


First Page Last Page Previous Next Page Clear Link To Log Settings
Page 1 of 20

Time and Date   Message
Jan 09 16:06:31   Per-source ACK Flood Attack Detect (ip=216.58.196.110) Packet Dropped
Jan 09 16:06:31   Whole System ACK Flood Attack from WAN Rule:Default deny
Jan 09 16:06:31   Whole System ICMP Flood Attack from WAN Rule:Default deny
Jan 09 16:05:31   Port Scan Attack Detect (ip=216.58.196.101) Packet Dropped
Jan 09 16:05:31   Per-source ACK Flood Attack Detect (ip=216.58.196.101) Packet Dropped
Jan 09 16:05:31   Whole System ACK Flood Attack from WAN Rule:Default deny
Jan 09 16:05:31   Whole System ICMP Flood Attack from WAN Rule:Default deny
Jan 09 16:04:31   Per-source ACK Flood Attack Detect (ip=216.58.220.34) Packet Dropped
Jan 09 16:04:31   Whole System ACK Flood Attack from WAN Rule:Default deny
Jan 09 16:04:04   DHCP lease IP 192.168.0.101 to android-14a806d9d4d2cc22 c0-ee-fb-30-34-02



What does it mean, is it a problem with the router or is it a virus on the PC..?