Tripper Posted February 8, 2019 Share Posted February 8, 2019 I lag offline in a game and I checked the logs and my cloudflare DNS is being blocked because router thinks its a ddos idk? [DoS Attack: Ascend Kill] from source: 1.1.1.1, port 53, Logs of when I lag out [DumaOS] DHCP lease change., Friday, February 08, 2019 03:26:26 [DumaOS] DHCP new event., Friday, February 08, 2019 03:26:26 [DHCP IP: 192.168.1.8] to MAC address 08:c5:e1:cf:be:46, Friday, February 08, 2019 03:26:26 [DumaOS] DHCP lease change., Friday, February 08, 2019 03:26:25 [DumaOS] DHCP new event., Friday, February 08, 2019 03:26:25 [DHCP IP: 192.168.1.8] to MAC address 08:c5:e1:cf:be:46, Friday, February 08, 2019 03:26:25 [DoS Attack: Ascend Kill] from source: 1.1.1.1, port 53, Friday, February 08, 2019 03:25:27 [DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24 [DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24 [DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24 [DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24 [DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24 [DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24 [DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24 [DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24 [DoS Attack: ACK Scan] from source: 151.101.62.167, port 443, Friday, February 08, 2019 03:25:24 Link to comment Share on other sites More sharing options...
Guest Killhippie Posted February 8, 2019 Share Posted February 8, 2019 The DoS attacks are normal traffic, and as to the acend kill from 1.1.1.1 on port 53 I have had that from cloudflare and I'm not using cloudflare! Its more likely port scans, and the router on this firmware is a little more paranoid than usual with local DNS lookups. Those packets have been dropped but that is not a real DoS attack. A DoS attack comes from one computer normally and would knock you offline, a DDoS attack is from multiple machines. You would not just see one attack like that as a DoS attack. Lagging may be more to do with your ISP than the logs, believe me. Just google ascend Kill and you will see its common in Netgear logs. You will always see DoS attacks in logs because you are being port scanned every day, its the background noise of the internet. Also using third party DNS servers is okay but it depends on there location and yours, your ISP ones may be a lot closer and better ironically. Also who do you trust more with the DNS logging, Cloudflare or your own ISP? Secondly you may be hiding supposedly your DNS lookups but your browser will be fingerprinted anyway so all that possible extra mileage on DNS lookups (once again depending on the location and how Cloudflare works with with CDNs (Content delivery networks give you access to say YouTube, iTunes Netflix etc from the closet server) Third part DNS servers may resolve lookups faster but cant always guarantee you are getting everything from the nearest server to you. CDNs like Akamai etc look to serve you content from your nearest location all the time. This means you may actually have slightly slower downloads and uploads, so Cloudflare could also be the source of lag and extra latency (not saying it is) just something to think on. Anyway that's going off subject here. Basically the logs are normal, the router may be dropping packets for a variety of reasons and on this firmware others have seen so called DoS attacks from their DNS provider so maybe this needs to be reported by the team to Netgear or whoever is in charge of the firewall. So worry about the logs, I highly doubt they are the source of your lag. I would try your own ISP DNS unless they are truly awful, and look into other ways of striving for privacy on the net, and realise that no matter what you do even the size of your browser window is leaking info on you to third parties. Link to comment Share on other sites More sharing options...
Netduma Staff Netduma Jack Posted February 8, 2019 Netduma Staff Share Posted February 8, 2019 Just to confirm what Killhippie said - these log readings are standard. If other routers showed you their logs, they'd display 'DoS attack' events too. It's far more likely that you're lagging offline for other reasons like NAT, ping spikes, incorrectly blocked servers etc. Link to comment Share on other sites More sharing options...
Tripper Posted February 8, 2019 Author Share Posted February 8, 2019 8 hours ago, Netduma Jack said: Just to confirm what Killhippie said - these log readings are standard. If other routers showed you their logs, they'd display 'DoS attack' events too. It's far more likely that you're lagging offline for other reasons like NAT, ping spikes, incorrectly blocked servers etc. Yeah I see DoS attacks all the time I know its normal in the logs just never seen DoS Attack: Ascend Kill and thats when I went offline I thought it had to do with that or something Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted February 9, 2019 Administrators Share Posted February 9, 2019 If you were being DDoSed you would likely know about it as your whole connection would go down, for all devices for quit a while. If you're simply just disconnecting from the game it's very likely something else Link to comment Share on other sites More sharing options...
Tripper Posted February 9, 2019 Author Share Posted February 9, 2019 7 hours ago, Netduma Fraser said: If you were being DDoSed you would likely know about it as your whole connection would go down, for all devices for quit a while. If you're simply just disconnecting from the game it's very likely something else I'm in xbox party on my pc and that went down as well It only happend for like 30 seconds and I don't see how I could be ddosed in a game of 16 players in a none ranked game mode Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted February 9, 2019 Administrators Share Posted February 9, 2019 Exactly its very unlikely to be a DDOS attack. More likely just a weird thing server side that caused you to disconnect Link to comment Share on other sites More sharing options...
Tripper Posted February 9, 2019 Author Share Posted February 9, 2019 1 hour ago, Netduma Fraser said: Exactly its very unlikely to be a DDOS attack. More likely just a weird thing server side that caused you to disconnect Yeah probably something to do with the broken halo mcc and does ddos protection even work on this router and also you guys should add somthing like AiProtection like asus Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted February 9, 2019 Administrators Share Posted February 9, 2019 What DDoS protection are you referring to? That could be something we look into in future Link to comment Share on other sites More sharing options...
Tripper Posted February 10, 2019 Author Share Posted February 10, 2019 9 hours ago, Netduma Fraser said: What DDoS protection are you referring to? That could be something we look into in future The wan setup has port scan and dos protection Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted February 10, 2019 Administrators Share Posted February 10, 2019 DoS is a bit different from DDoS so as far as I am aware it works yes. The only DDoS protection you could employ would be to use a VPN but I don't think DDoS is the issue you're having and a VPN would raise your ping which is unnecessary for you I think. Link to comment Share on other sites More sharing options...
Tripper Posted February 10, 2019 Author Share Posted February 10, 2019 4 hours ago, Netduma Fraser said: DoS is a bit different from DDoS so as far as I am aware it works yes. The only DDoS protection you could employ would be to use a VPN but I don't think DDoS is the issue you're having and a VPN would raise your ping which is unnecessary for you I think. My bad I mean dos not ddos I have protonvpn anyway I only use it in p2p games Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted February 10, 2019 Administrators Share Posted February 10, 2019 Ah great then yes I don't think you're having any issues with that at all Link to comment Share on other sites More sharing options...
.thumb.gif.2aa30d923930320277950463c00e99d0.gif)
Recommended Posts
Archived
This topic is now archived and is closed to further replies.