Menu
What's new
By:
Filters
Better Search

Novice user unsure of what to do about an issue, any advice welcomed.

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

kfp said:
You just have to stop using AiProtect and QoS.
Click to expand...
Yes in 384.6 alpha 2 there is a privacy tab that allows you to opt out of Trend Micro. Not sure if it causes problems it hasn't been thoroughly tested and reported yet.
 
skeal said:
No.
Click to expand...

Damn, I'll have to learn how to read logs, I guess? I looked through the logs today and its like a foreign language for me. I've enrolled in a P/T course in Networking. It runs for a year so I guess I'll learn about all these things.
 
Skeptical.me said:
Damn, I'll have to learn how to read logs, I guess? I looked through the logs today and its like a foreign language for me. I've enrolled in a P/T course in Networking. It runs for a year so I guess I'll learn about all these things.
Click to expand...

Good on you.

I’m still curious why that client particularly is receiving all the ‘attacks’. There are bots scanning the net all the time but that would be all directed at your router/WAN, not a client behind NAT. That’s why I thought you might have a port open (via port forwarding or UPnP) that’s attracting attention or worse, the client is infected with some malware and those are the second stage payload.
 
kfp said:
Good on you.

I’m still curious why that client particularly is receiving all the ‘attacks’. There are bots scanning the net all the time but that would be all directed at your router/WAN, not a client behind NAT. That’s why I thought you might have a port open (via port forwarding or UPnP) that’s attracting attention or worse, the client is infected with some malware and those are the second stage payload.
Click to expand...

Malware is a fear of mine, that MAC Address must be the routers because I can't find any device or computer in my LAN with that MAC address. And I definitely don't have any ports or UPnP enaabled. The "attacks" are still happening. But obviously failing. I'm really curious to know what that MAC Address is, do you know where I can find the MAC Address of the router?
 
Skeptical.me said:
Malware is a fear of mine, that MAC Address must be the routers because I can't find any device or computer in my LAN with that MAC address. And I definitely don't have any ports or UPnP enaabled. The "attacks" are still happening. But obviously failing. I'm really curious to know what that MAC Address is, do you know where I can find the MAC Address of the router?
Click to expand...

If it is the router’s then it’s less concerning, and those attacks would be dropped by the firewall anyway (like intended) and AiProtect is just trying show you that it’s working :p

Fastest way is to SSH in and do
Code: 
ifconfig

It should match the MAC of the eth0 interface.
 
kfp said:
If it is the router’s then it’s less concerning, and those attacks would be dropped by the firewall anyway (like intended) and AiProtect is just trying show you that it’s working :p

Fastest way is to SSH in and do
Code: 
ifconfig

It should match the MAC of the eth0 interface.
Click to expand...

ahhh yeah, of course. I've done that before for something else. Thank you.


Sent from my iPad using Tapatalk Pro
 
skeal said:
Yes in 384.6 alpha 2 there is a privacy tab that allows you to opt out of Trend Micro. Not sure if it causes problems it hasn't been thoroughly tested and reported yet.
Click to expand...
I opted out of the ASUS one, but stayed in the Trend one, for some reason... Are you aware of how I might trigger that choice again, bar uninstalling and then re-flashing the alpha 2 firmware? If I opt out, will QoS etc still work?
 
FadgewackeR said:
I opted out of the ASUS one, but stayed in the Trend one, for some reason... Are you aware of how I might trigger that choice again, bar uninstalling and then re-flashing the alpha 2 firmware? If I opt out, will QoS etc still work?
Click to expand...
Sorry, but if you opt out, QOS will not work. You would have to reset to defaults and opt out this would basically (I'm told) leave you without Trend Micro. It has not been fully tested yet so go at your own risk.
 
skeal said:
Sorry, but if you opt out, QOS will not work. You would have to reset to defaults and opt out this would basically (I'm told) leave you without Trend Micro. It has not been fully tested yet so go at your own risk.
Click to expand...

I need QoS, so for that reason, I’m in. Thanks.
 
skeal said:
Sorry, but if you opt out, QOS will not work. You would have to reset to defaults and opt out this would basically (I'm told) leave you without Trend Micro. It has not been fully tested yet so go at your own risk.
Click to expand...

I'm running iOS 12 Public Betas on my iPad and iPhone and the attacks started after AIProtection flagged the iPhone X as infected, and there are Spam sites being blocked from the two devices as well. I've never had these issues in all the time I've had this router. I'm not sure if the iPhone and attacks are linked (I'm not that well versed in these matters), but I thought I'd show you the following (especially the last line of the first screenshot - although the fact it is showing here prove the router has identified it and probably blocked it) :

ErXhV0f.jpg



tH97tgN.jpg
 
Skeptical.me said:
Malware is a fear of mine, that MAC Address must be the routers because I can't find any device or computer in my LAN with that MAC address. And I definitely don't have any ports or UPnP enaabled. The "attacks" are still happening. But obviously failing. I'm really curious to know what that MAC Address is, do you know where I can find the MAC Address of the router?
Click to expand...
If you would like to find what is the device for a given MAC address, just ssh into your router:

# arp -a | grep <MACADDR>

:)
 
Skeptical.me said:
I'm running iOS 12 Public Betas on my iPad and iPhone and the attacks started after AIProtection flagged the iPhone X as infected, and there are Spam sites being blocked from the two devices as well. I've never had these issues in all the time I've had this router. I'm not sure if the iPhone and attacks are linked (I'm not that well versed in these matters), but I thought I'd show you the following (especially the last line of the first screenshot - although the fact it is showing here prove the router has identified it and probably blocked it) :

ErXhV0f.jpg



tH97tgN.jpg
Click to expand...

Are your iDevices jailbroken?
 
kfp said:
Are your iDevices jailbroken?
Click to expand...

No, no way. I like the safety of the closed ecosystem Apple have created. But I'm running iOS Public Beta 2 on both devices at present.
 
Yes, QNAP QFile, Cryptomator, Plex, Terminus, Standard Notes, Nextcloud hosted by Disroot,
 
You must log in or register to reply here.
Similar threads
Thread starter Title Forum Replies Date
U AX88U Do not come to the user interface after deactivated vpn connection Asuswrt-Merlin 6
chetstone Which user script to use to start a daemon at boot-up? Asuswrt-Merlin 3
L Login URL to pass User and Password directly in the url link Asuswrt-Merlin 1
U Loss of access to user interface after application of VPN rule and Killswitch (3004.388.8) Asuswrt-Merlin 14
William Higgs Ssh to router logging in as wrong user? Asuswrt-Merlin 3
M For AX68U and AX86S Merlin users: openvpn server - max user qty? Asuswrt-Merlin 1
D Solved Exists an Option to disable VPN Access for "Admin" user ? Asuswrt-Merlin 13

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 705 (members: 29, guests: 676)
Top