Jump to content

router DOSing it self and makign internet unusable

Turboamerica
 Share

Recommended Posts

Turboamerica

Turboamerica

Posted
  • Author
Posted
17 hours ago, TimothyYoung said:

Hmmm that's interesting, I wanna say there's a ton of hacking in the ps4 community's now that I think about it

Does your internet work okay if you connect to your modem directly? 

Yep! Constant no drop speeds! 

17 hours ago, TimothyYoung said:

While rereading your original post, during ur efforts to find the problem, have u tried only having 1 device connected at a time?

Yep! Of corse. As soon as pc WIFI went on everything went bad

Link to comment
Share on other sites
TimothyYoung

TimothyYoung

Posted
Posted
17 hours ago, Turboamerica said:

Yep! Of corse. As soon as pc WIFI went on everything went bad

Ahh, very intriguing. Has this box ever ran at ur full bandwidth? And had those logs like that?

I was also meaning to ask if your modem might have some type of system logs?

Link to comment
Share on other sites
Turboamerica

Turboamerica

Posted
  • Author
Posted
22 minutes ago, TimothyYoung said:

I was also meaning to ask if your modem might have some type of system logs?

Uhh,I really don’t know,I live in a multi store house with many flats,and the best info I get is ISP saying “no issues”

Link to comment
Share on other sites
Netduma Alex

Netduma Alex

Posted
Posted
14 hours ago, TimothyYoung said:

Hmmm that's interesting, I wanna say there's a ton of hacking in the ps4 community's now that I think about it

Really? Do you mean people are hacking their PS4s (for homebrew and such) or people are trying to hack/DDoS other players?

I think it's unlikely that the router has been hacked at all since it's brand new. I would suggest, if possible, that you start your network with nothing, and connect devices to it one at a time until the logs start to show up.

Link to comment
Share on other sites
Turboamerica

Turboamerica

Posted
  • Author
Posted
34 minutes ago, Netduma Alex said:

Really? Do you mean people are hacking their PS4s (for homebrew and such) or people are trying to hack/DDoS other players?

I think it's unlikely that the router has been hacked at all since it's brand new. I would suggest, if possible, that you start your network with nothing, and connect devices to it one at a time until the logs start to show up.

the logs were normal before pc connected to wifi

Link to comment
Share on other sites
TimothyYoung

TimothyYoung

Posted
Posted
6 hours ago, Netduma Alex said:

Really? Do you mean people are hacking their PS4s (for homebrew and such) or people are trying to hack/DDoS other players?

I think it's unlikely that the router has been hacked at all since it's brand new. I would suggest, if possible, that you start your network with nothing, and connect devices to it one at a time until the logs start to show up.

I believe it's most just players ddos others players and lag switches which is a form of ddos or disconnection...

Link to comment
Share on other sites
Posteldude

Posteldude

Posted
Posted

Hi, I have exactly the same problem! This router xr500 is 100% hacked with automatic installation on router gui !? My router light on the left side is now darker!?!? Have times entered as a test in the dmz an ip that has no device and have seen in the logbook that a remote is immediately available with unknown port 34701 ?? No device connected there? What can I expect from a 300 euro router now? Absolutely need help otherwise it was my last router from netgear 😩

Link to comment
Share on other sites
Newfie

Newfie

Posted
Posted
5 minutes ago, Posteldude said:

I found this https://www.chip.de/news/Viele-WLAN-Router-von-Sicherheitsluecke-bedroht-Eine-Funktion-sollten-Nutzer-jetzt-lieber-abschalten_182735284.html sry is german site

That’s a bit out of date. All those were fixed by firmware. I doubt you have been hacked. Don’t put your router in DMZ.

Link to comment
Share on other sites
Guest Killhippie

Guest Killhippie

Posted
Posted
10 minutes ago, Posteldude said:

Hi, I have exactly the same problem! This router xr500 is 100% hacked with automatic installation on router gui !? My router light on the left side is now darker!?!? Have times entered as a test in the dmz an ip that has no device and have seen in the logbook that a remote is immediately available with unknown port 34701 ?? No device connected there? What can I expect from a 300 euro router now? Absolutely need help otherwise it was my last router from netgear 😩

Its not 100% hacked unless you didn't patch your firmware! Hope its running 2.3.2.56. That info was from Herzner and they were a dodgy outfit running massive port scans I talked to them about this at the time. You do realise if its in the logs its blocked... as far as this "This router xr500 is 100% hacked with automatic installation on router gui" whats on the GUI that even begins to make you think you are hacked?

Link to comment
Share on other sites
Posteldude

Posteldude

Posted
Posted

My router is on the newest version but had to downgrade because I had an error (not load yet) and after that the new firmware is installed over the router, the right light is darker which I found strange! I have made a factory reset several times, no improvement !! What I also noticed is that he does not open the ports for the ps4 properly and the ports on upnp do not close after 30 minutes. The item I found fits my problem! How can I delete and reinstall the firmware? Sry for my bad english

Link to comment
Share on other sites
  • Administrators
Netduma Fraser

Netduma Fraser

Posted
  • Administrators
Posted

You can disable automatic updates from the firmware update page in Settings if you want to prevent that happening. You are essentially opening a device up to the internet by placing in the DMZ but you are still protected so I wouldn't worry about that entry too much. What is your physical setup exactly?

Link to comment
Share on other sites
Posteldude

Posteldude

Posted
Posted

The ip address I entered should not exist!?! Since I have nothing connected! My current setup is with a fritzbox 75xx via dhcp without open ports. I also have a Vigor165 modem with which I ran it in full brige mode! But since I have the problems that the router runs oddly no ports properly opens these strange disconnects in the router! And not even turns off the connection (5 min) and ddos is in log and the connection is back?!?! I once hung it on the Fritzbox in dhcp mode suddenly the ports are there again (ps4) 2 pieces of codmw but they are not open even though I configured it manually on the Fritzbox with green FritzBox symbol so that they are on but not in the game cod are on? Everything is running on the fritzbox!?! I really don't know what to do anymore 😩 the router does exactly the opposite in the game everything is set correctly and nothing else helps! What else can I do?? And if the router has a kind of virus, a full reset with the latest firmware should delete the virus or whatever? Vdsl 50 mbit

Link to comment
Share on other sites
  • Administrators
Netduma Fraser

Netduma Fraser

Posted
  • Administrators
Posted

It's likely a bot on the internet scanning for potential open networks. Put the Fritzbox in router mode, put the WAN IP of the XR router found in System Information into the fritzbox DMZ. Then DMZ on the XR will work correctly. You won't have a virus but hypothetically if there was one then yes it would clear it.

Link to comment
Share on other sites
Guest Killhippie

Guest Killhippie

Posted
Posted
5 minutes ago, Netduma Alex said:

In full bridge mode it should be fine as long as you set your XR500 not to respond to pings on the WAN port.

That would mess up using say Thinkbroadband's firebrick which monitors your line. Anyone can see a router online because any set of IP addresses which are not visible are either offline or steathed hence the port scans as no reply will mean stealth mode generally. Its all okay and nothing to worry about as everyone gets DoS style attacks in Netgear logs which are paranoid and port scans are very common.

Link to comment
Share on other sites
  • 6 months later...
TimothyYoung

TimothyYoung

Posted
Posted
On 6/2/2020 at 10:56 AM, Killhippie said:

That would mess up using say Thinkbroadband's firebrick which monitors your line. Anyone can see a router online because any set of IP addresses which are not visible are either offline or steathed hence the port scans as no reply will mean stealth mode generally. Its all okay and nothing to worry about as everyone gets DoS style attacks in Netgear logs which are paranoid and port scans are very common.

yes, port scans are very common and like fraser noted ppl will use bots to scan for those open ports across the internet or jerks that may get ahold of your ip could decide to trash your connection by doin port scans, which will throw false ddos..

I recommend not using upnp and ofc never respond to pings, always set your ports needed

hope owner of post found a resolve 

Link to comment
Share on other sites
MotFPS

MotFPS

Posted
Posted
On 5/26/2020 at 2:38 PM, TimothyYoung said:

LAN access from remote] from 35.223.90.88:30140 to 192.168.1.5:80, Tuesday, May 26, 2020 18:10:04

That's google's search engine indexing OP's home webserver running on 192.168.1.5. 

 

OP?  If you're not running a web server, find out what 192.168.1.5 is and consider it compromised. If that's your PS4 like you said above, you might want to wipe that thing. 

anyone running a webserver knows that it gets hit 1000's of times a min by indexers and people all over the world. 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...