Johno
Regular Contributor
I've set up the AI-Protection feature on my RT-AC68U with security alerts emailed to me. I get a lot of the following reported threats (I've removed my IP address from the destination):
Event Date Event type Source Destination
2018-11-02 08:27:04 Vulnerability Protection 209.141.54.253 [my static IP addr]
If I look up that source I find it's a company supposedly specialising in DDOS prevention! If I check the router admin pages under AI-Protection - Two-Way IPS it details the attack as an External Attack in the form of EXPLOIT Remote Command Execution via Shell Script -2
Now if I'm understanding this correctly, apparently a company that supposedly provides services to prevent DDOS attacks is attacking my router? Or am I misunderstanding the alert?
Event Date Event type Source Destination
2018-11-02 08:27:04 Vulnerability Protection 209.141.54.253 [my static IP addr]
If I look up that source I find it's a company supposedly specialising in DDOS prevention! If I check the router admin pages under AI-Protection - Two-Way IPS it details the attack as an External Attack in the form of EXPLOIT Remote Command Execution via Shell Script -2
Now if I'm understanding this correctly, apparently a company that supposedly provides services to prevent DDOS attacks is attacking my router? Or am I misunderstanding the alert?