XR500 Beta Feedback..

[Zippy]

2 hours ago, UK Sentinel said:

61.172.205.183 is a Chinese IP Address (one of many) reported for Abuse, As long as they Scan and do not get in, nothing to over concern yourself with from A security perspective  (hopefully) 

https://www.abuseipdb.com/check/61.172.205.183

That is true.. As long as they dont get through the firewall.. In my case I was doubting if my firewall was properly working.. There was a few things that occurred when I had these attacks.. One was it brought my network to a halt because of the ports that were being targeted.. Simple web pages wouldnt load, Updates wouldnt get through, things like that.. The router also began to scan and block ports that were from also know IPs.. Its common to see these attacks.. But not very common to see them on ports such as 80, 8080, 443, 53 ect.. And not common to see them flood those ports.. Which will cause a network performance issue like it did to myself..

I was on the most current beta firmware 120 and what was concerning on my XR500 was that my NAT type was still reporting Open when everything was locked down in the router.. When that occurred and given these attacks taking place I didnt feel comfortable at this point because I felt the firewall may not be properly working at this point.. So I took my XR out of my Network.. I much rather be safe then sorry.. Specially when running beta firmwares.. Because anything can happen during betas.. 

Zippy.

[UK Sentinel]

Totally agree, safety first 👍

[Zippy]

2 minutes ago, UK Sentinel said:

Totally agree, safety first 👍

Exactly! This isnt meant to scare anybody.. It was just my situation was odd with my NAT reporting Open when it shouldnt have been.. 

Zippy.

[Zippy]

6 hours ago, Will said:

@Zippy, question if I was to change the nat filter to secured  would that eliminate this DoS attacks your thoughts?

 

I tried that and it didnt eliminate the attacks.. My situation is unique because of my NAT type reporting Open on my Xbox when everything is locked down.. In your case you are likely fine.. Im sure Fraser can give you better guidance.. As a test you can always set that to Secure and shut Upnp off and have no port forwarding no DMZ and see if the device you play on is still reporting an Open NAT.. It should not show Open at that point.. 

Thanks!

Zippy.

[Netduma Fraser]

Hi @Will so DoS attacks are relatively normal for Netgear routers, it is usually nothing to worry about, normally showing connections you've made or generic bots scanning the internet. The concerning thing there is that it's on port 80 and that it's an unknown IP from China. I assume if it was causing any issues you would have mentioned it so it's likely not a problem. However, it would be good to try setting the NAT to secured and see whether you see the same entries & try Zippy's suggestion about trying to force the console to have a strict/mod NAT as it definitely shouldn't be possible with NAT secured/UPnP off etc. If it is open then it would be more of a cause for concern.

[Will]

Hi Fraser,

Phew I can now stop worrying lol, sorry  As you can imagine I was like OMG what’s going on. thank you  Fraser👍

I might later today try setting the Nat to secured an see how I get on first. If no change I’ll try Zippy’s suggestion as well fingers crossed.

As always appreciate your support Fraser 👍

@ Zippy thank you too for your guidance mate 🙏 

Will