Jump to content

Recommended Posts

I lag offline in a game and I checked the logs and my cloudflare DNS is being blocked because router thinks its a ddos idk? [DoS Attack: Ascend Kill] from source: 1.1.1.1, port 53,

 

Logs of when I lag out

 

[DumaOS] DHCP lease change., Friday, February 08, 2019 03:26:26
[DumaOS] DHCP new event., Friday, February 08, 2019 03:26:26
[DHCP IP: 192.168.1.8] to MAC address 08:c5:e1:cf:be:46, Friday, February 08, 2019 03:26:26
[DumaOS] DHCP lease change., Friday, February 08, 2019 03:26:25
[DumaOS] DHCP new event., Friday, February 08, 2019 03:26:25
[DHCP IP: 192.168.1.8] to MAC address 08:c5:e1:cf:be:46, Friday, February 08, 2019 03:26:25
[DoS Attack: Ascend Kill] from source: 1.1.1.1, port 53, Friday, February 08, 2019 03:25:27
[DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24
[DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24
[DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24
[DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24
[DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24
[DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24
[DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24
[DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24
[DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24

Share this post


Link to post
Share on other sites

The DoS attacks are normal traffic, and as to the acend kill from 1.1.1.1 on port 53 I have had that from cloudflare and I'm not using cloudflare! Its more likely port scans, and the router on this firmware is a little more paranoid than usual with local DNS lookups. Those packets have been dropped but that is not a real DoS attack. A DoS attack comes from one computer normally and would knock you offline, a DDoS attack is from multiple machines. You would not just see one attack like that as a DoS attack. Lagging may be more to do with your ISP than the logs, believe me. Just google ascend Kill and you will see its common in Netgear logs.

You will always see DoS attacks in logs because you are being port scanned every day,  its the background noise of the internet. Also using third party DNS servers is okay but it depends on there location and yours, your ISP ones may be a lot closer and better ironically. Also who do you trust more with the DNS logging, Cloudflare or your own ISP? Secondly you may be hiding supposedly your DNS lookups but your browser will be fingerprinted anyway so all that possible extra mileage on DNS lookups (once again depending on the location and how Cloudflare works with with CDNs (Content delivery networks give you access to say YouTube, iTunes Netflix etc from the closet server) Third part DNS servers may resolve lookups faster but cant always guarantee you are getting everything from the nearest server to you. CDNs like Akamai  etc look to serve you content from your nearest location all the time. This means you may actually have slightly slower downloads and uploads, so Cloudflare could also be the source of lag and extra latency (not saying it is) just something to think on. :)

 Anyway that's going off subject here. Basically the logs are normal, the router may be dropping packets for a variety of reasons and on this firmware others have seen so called DoS attacks from their DNS provider so maybe this needs to be reported by the team to Netgear or whoever is in charge of the firewall. So worry about the logs, I highly doubt they are the source of your lag. I would try your own ISP DNS unless they are truly awful, and look into other ways of striving for privacy on the net, and realise that no matter what you do even the size of your browser window is leaking info on you to third parties.

Share this post


Link to post
Share on other sites

Just to confirm what Killhippie said - these log readings are standard. If other routers showed you their logs, they'd display 'DoS attack' events too. It's far more likely that you're lagging offline for other reasons like NAT, ping spikes, incorrectly blocked servers etc.

Share this post


Link to post
Share on other sites
8 hours ago, Netduma Jack said:

Just to confirm what Killhippie said - these log readings are standard. If other routers showed you their logs, they'd display 'DoS attack' events too. It's far more likely that you're lagging offline for other reasons like NAT, ping spikes, incorrectly blocked servers etc.

Yeah I see DoS attacks all the time I know its normal in the logs just never seen DoS Attack: Ascend Kill and thats when I went offline I thought it had to do with that or something

Share this post


Link to post
Share on other sites
7 hours ago, Netduma Fraser said:

If you were being DDoSed you would likely know about it as your whole connection would go down, for all devices for quit a while. If you're simply just disconnecting from the game it's very likely something else

I'm in xbox party on my pc and that went down as well It only happend for like 30 seconds and I don't see how I could be ddosed in a game of 16 players in a none ranked game mode

Share this post


Link to post
Share on other sites
1 hour ago, Netduma Fraser said:

Exactly its very unlikely to be a DDOS attack. More likely just a weird thing server side that caused you to disconnect

Yeah probably something to do with the broken halo mcc and does ddos protection even work on this router and also you guys should add somthing like AiProtection like asus

 

Share this post


Link to post
Share on other sites
9 hours ago, Netduma Fraser said:

What DDoS protection are you referring to? That could be something we look into in future

The wan setup has port scan and dos protection

 

 

 

Share this post


Link to post
Share on other sites

DoS is a bit different from DDoS so as far as I am aware it works yes. The only DDoS protection you could employ would be to use a VPN but I don't think DDoS is the issue you're having and a VPN would raise your ping which is unnecessary for you I think.

Share this post


Link to post
Share on other sites
4 hours ago, Netduma Fraser said:

DoS is a bit different from DDoS so as far as I am aware it works yes. The only DDoS protection you could employ would be to use a VPN but I don't think DDoS is the issue you're having and a VPN would raise your ping which is unnecessary for you I think.

My bad I mean dos not ddos I have protonvpn anyway I only use it in p2p games

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×