Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[kayes]

Hi,

I have had some serious issues with my router beeing attacked fo a few months now. My knowledge regarding issues like this is limited, but I have got an e-mail from my ISP confirming the attacks now. See mail under:

Referring to the received e-mail.

We do not get blocked this incoming traffic. We recommend that you try to
the first instance to update the software on your router. It is possible the D-Link
have come with updates that make it more stable for large quantities
incoming traffic. Updates can be downloaded from the router's website:

http://www.dlink.com/products/?pid=DIR-615&tab=3

If this does not help the problem, you should either connect your computer
directly to the modem, or go to the purchase of a router that can
tackle this type of attack.


Sincerely,

Jonas
Client Manager
Get Support ®

Check http://pastebin.com/3Dwg0H8W to see the log from the router which clearly shows the attack that is filling up my ports. When all the 65xxx ports are full the internet goes down.

I need a solution regarding this, because it is starting to anoy me that I have to unplug the router every 2 hours or so to reset the router.

[FurryNutz]

What hardware version is your 615? A, B, C or E?

What firmware version is currently loaded.
What ISP service do you have? Cable or DSL?
What ISP Modem do you have? Make and model?

[kayes]

Hi, thanks for you reply.

What hardware version is your 615? A, B, C or E?
B2

What firmware version is currently loaded.
2.25

What ISP service do you have? Cable or DSL?
Cable, Get.no

What ISP Modem do you have? Make and model?
Scientific Atlanta 2100

[FurryNutz]

Well seems like you have the latest.

Is your ISP modem a stand lone modem or doe it have a router built in. Sounds like this might be a stand alone. If so. I would recommend calling DLink and asking if there is anything they can help you with on this. There last FW was 2008 and I presume this router might not be developed on any more. Maybe they can help you if you send them your logs so they can review the situation and help to determine what will work for you. In mean time I would check on getting a different router, DIR-655 or something newer from Best Buy or something that has a return refund policy. While your using the new router, test and see if it and the cable company see the same thing.

[kayes]

Its just a regular cabel modem I think, I connect a network cable from it into either a computer or a router if I need WIFI and / or more computers connected.

[FurryNutz]

OK, let us know how it goes with Dlink. Try a different or newer router if you can.

[Skello]

Hmm, that looks pretty distributed. There's not much ISPs can do against such attacks, let alone home routers. If someone has a large army of infected computers at their disposal (botnet) and they're set on keeping you off the net, there's little to stop them.

Do you have a fixed IP address allocated by your ISP?

[huntpt]

I think Skello is on the right track with the question regarding the fixed address assigned by your ISP. If your ISP assigns a fixed address and you can get them to change it, then the attacks may go away.

However, I am going to suggest some things, one of which might be quite stupid, but here goes:

1.  It looks from the posted log as though the router is fending off the attacks, but could it be that the log is growing so long that the router is running out of memory? If there is a way to turn off information notices in the log, perhaps that would help.

2.  Not that this will necessarily help, but check the UK D-Link site for version 2.27 of the firmware. I have been using it for several months, even though I am located in the United States.

3.  I don't see how changing the router would solve the problem, but I am new at this stuff.

Good luck!

[kayes]

Thank you all for the support. Im currently waiting for an answer from my ISP regarding the fixed IP issue, in the meantime I will try to turn logging off and try the 2.27 update which I think is a beta?

Ill be back with more information asap.

Thanks