Router DOS warnings

Discussion in 'Computing and Networks' started by spinnaker, Feb 21, 2012.

  1. spinnaker

    Thread Starter AAC Fanatic!

    Oct 29, 2009
    4,887
    1,019
    I get periodic DOS warnings from my router.

    TCP Packet - Source:58.218.199.250,12200 Destination:71.126.37.92,8118 - [DOS] TCP Packet - Source:58.218.199.250,12200 Destination:71.126.37.92,7212 - [DOS] TCP Packet - Source:58.218.199.250,12200 Destination:71.126.37.92,6588 - [DOS] TCP Packet - Source:58.218.199.250,12200 Destination:71.126.37.92,8123 - [DOS]

    I got a few different ones just tonight. Is this something to worry about?
     
  2. luvv

    Member

    May 26, 2011
    186
    31
    Wouldn't sweat it,there is plenty of nasty things crawling the net randomly probing for open ports.

    Your router will keep logging and kicking till the end of time..

    Looks like a static ip,call your isp tell them reset your connection then check your ip.

    If no change call them back and whine till they change it,you be surprised what they will do just to get off the phone w/ you. ;)

    And if you are still worried head over to techsupportforums there are some serious internet jedi lurking around there.

    -luvv-
     
  3. nerdegutta

    Moderator

    Dec 15, 2009
    2,519
    786
    I would worry.

    I think this is a script/program pinging your IP address for open ports.

    If you take the Source ip and write it in http://ip-lookup.net

    You'll see that it's from China...

    But as long as you got a good firewall, and closed ports, then you are safe. Remember to not open any suspicious attachments in e-mail.
     
    Last edited: Feb 22, 2012
  4. spinnaker

    Thread Starter AAC Fanatic!

    Oct 29, 2009
    4,887
    1,019

    Can my internet provider block that IP? You would think you should be able to do this from some kind of control panel on their website.

    I tried blocking the IP with my router but the router told me it was an invalid IP.
     
  5. spinnaker

    Thread Starter AAC Fanatic!

    Oct 29, 2009
    4,887
    1,019
    I was getting a whole bunch from this address too:

    UDP Packet - Source:71.162.23.123,1900 Destination:239.255.255.250,1900 - [DOS] UDP Packet - Source:71.162.23.123,1900 Destination:239.255.255.250,1900 - [DOS]

    When I did the search it says it is coming from my internet provider?
     
  6. hwy101

    Active Member

    May 23, 2009
    91
    28
    That ip is just another user from your provider (VERIZON)
    as long as your router doesn't have any open ports there's nothing to worry about.

    also in your router settings make sure DMZ is NOT enabled.
     
  7. nerdegutta

    Moderator

    Dec 15, 2009
    2,519
    786
    This ip

    Source:58.218.199.250
     
  8. electronis whiz

    Well-Known Member

    Jul 29, 2010
    519
    27
    i once had a dos atack also the only reason i knew is because we have an ISP with a download limit and it went over. i ran a check of all auto updates on running systems and even used the event viewer. so i dicided to try the router log. and there it was DOS atack from some ip i dont remmeber the ip anymore. however i dicided to do some investigating so i googled the ip and it came back as NET 96 and whois did the same. then a day later i heared about the annoumous atackson police websites. se i went to google and looked for anonomous's ip adress. (however i followed no links i just to be safe the ip was in a goole preview.) so i did a who is on that ip and the shocking resault came back as net 96. after that i went into my router and blocked all of the IPs and domain names as blocked
    i would be concerned if your isp has download limits as well as sombody soild be using your ip that the isp uses for you to try and do a spoof on sombody ar useing you as a proxy soi then what the ydo could possibly be blamed on you. if you have a firewall witch most computers now do and almost all routers have some form of firewall also. also if your doing any sharing make sure it is pasword protected as well as lockingyour sytem(s) just in case when there not in use.
    if you want folow the procedure that i used. (windows does not have a built in whois the one i use is called win32whois i'm not sure where i got it but it was freeware.)
    (not responsable for lost data or any thing else that could resault from a dos atack or any thing relating to the resaults of the procedure i used.)(just trying to protect myself.)
     
Loading...