Main Forum > General Computer Support

How to get protection of DOS attack against udpEcho Chargen attack?

(1/3) > >>

jraju:
How to get protection of DOS attack against updEcho Chargen attack?
I repeat the question to stress that my router logs shown such thing in a normal log. the exact log is
My Router log.Is given below:
DoS: UdpEchoChargen Attack source=foreign ip= destination IsP assigned external ip
The IPs are removed for security purposes. Which are the ports to be blocked in the router. I am having Dlink 2730U india model

Boggin:
Routers are attacked all of the time but the router's firewall blocks them - nothing to worry about normally.

Some router's firmware type is prone to such router hijacks though and a Google to see if your router falls into that category may put your mind at rest.

Netgear and Linksys seem to be the most prone but there are other methods of hijacking.

Google which routers are prone to hijacking and you'll see a number of links.

jraju:
Hi, boggin, now i understand, i have enabled both errors and notice in the system log in the router. So, any attack or any activity would be notified by it , even though it is only a kind of information and not the actual attack. Now, i removed the notice, but kept errors report, as it will save me from opening the router page often to clear the logs.
                    All the routers are affected, as far  as i know, as most routers are configured for internet access only. They do not enable or disable anything, and leave the rest settings as default. But default settings allow some initial ports for the users. It is the users who have to be very careful about  those settings. For example, dlink , does not enable the DOS attack by default. i did. Likewise, ping was enabled in Lan and Wan. This is mainly responsible for age old ping attack, echo attack etc.
                            Thanks. i disabled the ping and avast now shows nothing and router logs does not show, any linkdown etc in the router logs. When you open other electronic, only physical things are seen , but when you open the  router page, you could see so many things that affect your gateway. Your service providers would provide normal protection and it is you, who has to see the pages of settings of the router to correct the settings
Do shane has any security software in his other tools forum?

Boggin:
Your router's firewall is usually sufficiently robust to stop these attacks but from the article I'd posted, some routers because of their firmware, there are gaps in the router's security which allow them to be hacked and it is up to the router manufacturers to modify and update their firmware to counter these hijacks.

MS do it all of the time in releasing security patches for various aspects of Windows, unfortunately, router manufacturers may be a bit slower in addressing these problems.

Samson:
J, FYI the CIA used "CherryBlossom" to hack a whole bunch of routers. A full list here....

https://wikileaks.org/vault7/document/WiFi_Devices/WiFi_Devices.pdf

Navigation

[0] Message Index

[#] Next page

Go to full version