A few minutes ago, a had some trouble with my internet connection, which made me having a look at my router log. As I’m not experienced in reading network stuff, I thought it might be a good idea to post the log in this forum, so some guys, who know how to read that stuff, can have a closer look at it (if they want to).
Are there any tools to dig deeper and, if necessary, counter an attack or at least prevent it?
The only thing I changed, is masking my public IP address and the SSID of my wireless Lan.
Moderation Note: Logs removed
Thanks in advance
Haven’t looked through that but did you make sure you didn’t just DOX yourself? There could be pretty specific location info in those logs.
This. I don’t know how to read most of that yet, but I do see two MAC addresses in that list over and over again. No idea if those are yours or potential attackers’, might want to remove those entirely. Unfortunately, edits will still be visible, you might want to contact the @moderators to help out here. I’ve flagged your OP for the moderators to have a look at as you might not be able to perform the necessary actions yourself.
I removed the potential personal info for now. @Trekkie00, you can put it back if you want to.
That being said, blocking a syn flood attack is probably not going to be the easiest thing to do with home network equipment.
I wouldn’t worry about it overly unless it happens repeatedly.
usually need to contact your ISP for that sorta thing.
If I read the info correctly, it’s just been attempts and the router blocked the attacks.
It might be a good idea to turn on the firewall on my Desktop to have a second barrier in place.
Most ISP routers/modems block these automatically. Its not likely to make it past your firewall as thats not the goal of the attack. If you consistently have these over a course of time you need to contact your ISP as they should be able to block it before it reaches you.
Flooding is usually just DOS, either to annoy you or bring your gateway down.
Just out of curiosity, how did you access these router logs?
I just did some cross reading about smurf attacks. Indeed its considered not to be dangerous.
Yeah its just annoying
Someone’s trying to irritate you or overwhelm your gateway and cause your link to go down.
Contact your ISP about it and see what they can do.
It is more or less always a good idea to do this.
It even offers a one click solution to download this log as a text file.
Point your browser to your router’s IP address. For creds, usually, see a sticker on the device or some paperwork that came with it.
ssh into the router and
cat some log files?