Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Speak with a forum team member - network logs query

Matthew3721
Joining in

on ‎18-01-2023 09:28

Hello. would it be possible to speak with a forum team member as I would like to share some network logs with you and get some advice on the matter..

Thank you   

 

 

[MOD EDIT: Subject title changed for clarity]

0 Kudos
3 REPLIES 3

Tudor
Very Insightful Person
Very Insightful Person

on ‎18-01-2023 09:52

Post the logs here, use copy and paste and all the MAC addresses will be replaced with *****.*****.*****.****. You will get a much quicker response from some very experienced users. Also please define the problem, if you have one.


Tudor
There are 10 types of people: those who understand binary and those who don't and F people out of 10 who do not understand hexadecimal c1a2a285948293859940d9a49385a2
0 Kudos

Matthew3721
Joining in

on ‎18-01-2023 10:39

Ok so I have the xr1000 connected to my hub, the past couple of days I have noticed in the logs these below, is this a Dos attack on me?

[DoS attack: ACK Scan] from source 142.250.178.10,port 443 Wednesday, Jan 18,2023 08:25:27
[DoS attack: ACK Scan] from source 142.250.178.10,port 443 Wednesday, Jan 18,2023 08:25:17
[DoS attack: ACK Scan] from source 157.240.225.18,port 443 Wednesday, Jan 18,2023 08:25:08
[DoS attack: ACK Scan] from source 13.33.52.60,port 80 Wednesday, Jan 18,2023 08:24:26
[DoS attack: ACK Scan] from source 13.224.81.129,port 80 Wednesday, Jan 18,2023 08:24:21
[DoS attack: ACK Scan] from source 199.232.58.132,port 443 Wednesday, Jan 18,2023 08:24:19
[DoS attack: ACK Scan] from source 192.99.44.206,port 443 Wednesday, Jan 18,2023 08:24:18

0 Kudos

Tudor
Very Insightful Person
Very Insightful Person
In response to Matthew3721

on ‎18-01-2023 12:44

It’s the "DoS attack:" message that is wrong in my mind. It’s just people sniffing your connection to see if there is a way into your system. I get lots of these each week. My router gives a much better message:

[WAN_IN-RET-3035] IN=eth9 OUT=br0 MAC=my MAC address:src=nnn.142.125.160 DST=192.168.0.228 LEN=60 TOS=0x00 PREC=0x00 TTL=246 ID=0 PROTO=TCP SPT=5189 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0


Tudor
There are 10 types of people: those who understand binary and those who don't and F people out of 10 who do not understand hexadecimal c1a2a285948293859940d9a49385a2
0 Kudos
Top