Menu
What's new
By:
Filters Better Search

DDOS Attacks

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

C

Csection

Senior Member
Is there a way to block specific addresses with X4s router?
I have been getting a lot of DDOS attacks lately.
I would like to be able to block those addresses from my router.
I used to be able to add them to a blacklist with my old Smoothwall router.
 
If you are able to access the linux bit of the router iptables will help you there.

What i do is have address lists for various things but if someone initiates a connection to the router (input) first rather than the router initiating the connection than just add to blacklist.

Unless you are a major site very likely you are getting a DDoS because a port is open on your router on the WAN side. Do a full port scan using an online tool to see what of your router or network is exposed, very likely it is something common.
 
Do a full port scan using an online tool to see what of your router or network is exposed, very likely it is something common.
What is the best tool for this? I have used "Shields Up", but that only does a shortlist of ports.
 
If you were getting DDOS'd your home router would be struggling to stay online.

If you are seeing lots of blocked requests in your logs from the same IP it is more likely a bot searching for open ports and your router is simply doing its job by blocking them.

Bots and back scatter fill your logs every day , adding a few IP's to a table won't change that.
 
The best thing to do is do a port scan for both TCP and UDP and also use tools to check for router vulnerabilities. There are many a few online tools but it takes a bit of searching.
 
DDoS is by default blocked by the firewall, so DDoS will not forward to LAN/Wireless and no need to set any specific address.

However, we may close the door, but never know who may be knocking...
 
NETGEAR Guy said:
DDoS is by default blocked by the firewall, so DDoS will not forward to LAN/Wireless and no need to set any specific address.

However, we may close the door, but never know who may be knocking...
Click to expand...
Good!
I think!
I just don't have much knowledge of this and I am glad as long as you keep up with the latest security threats!
 
A lot of DDoS attacks happen mainly because something vulnerable was detected by the attacker. This is why it helps to do a port scan and vulnerability test and see what is exposed.
 
System Error Message said:
A lot of DDoS attacks happen mainly because something vulnerable was detected by the attacker. This is why it helps to do a port scan and vulnerability test and see what is exposed.
Click to expand...
Thank you for the reply!
I have scanned with GRC, but I don't know a better port scanner. Can you recommend one?
 
Well!
With the help of Voxel. We have determined that the attacks are targeting my Arris cable modem. I am to replace the one I have with a Netgear modem to see if that fixes the problem.
 
You must log in or register to reply here.

Similar threads

S
Double DDOS protection?
Replies
4
Views
791
SALMIGHTY
S
D
Skynet Rapid Reset http2/http3 CVE-2023-44487
Replies
6
Views
1K
DJones
D
PR3MIUM
News Cisco warns of large-scale brute-force attacks against VPN and SSH services
Replies
2
Views
753
Paliv
P
PR3MIUM
News Mirai DDoS malware variant expands targets with 13 router exploits [D-Link, TP-Link Archer, Yealink, Zyxel...]
Replies
10
Views
1K
ColinTaylor
C
H
DNS-rebind attack detected: farm.plista.com. etc...??
Replies
3
Views
508
Treadler
Treadler

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,048 (members: 11, guests: 1,037)
Top