Live Chat & Podcast at 1:00PM Eastern on Sunday!
There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
Search
Networking
Go to first new post Manchester United vs Liverpool
Go to first new post Internet connections
Go to first new post Dual band broadcasting problem, only 1 b ...
Go to first new post Home Network
Go to first new post Router and laptop conflict
Go to first new post Laptop network connectivity issue
Go to first new post Cannot connect
Go to first new post Can 2 machines, one with linux and other ...
Go to first new post logging on to a wireless
Go to first new post Home network set-up
Go to first new post I can ping everything on network but can ...
Go to first new post Share ethernet internet using wireless A ...
Go to first new post Netgear wpn824 router drops signal
Go to first new post Need to set up a home system, help with ...
Go to first new post help with NAT and Port Forwarding/Trigge ...
Tag Cloud
access acer asus bios bsod computer crash desktop driver drivers error ethernet excel freeze gaming hard drive hardware hdmi internet laptop malware memory modem monitor motherboard network printer problem ram registry router security slow software sound toshiba trojan ubuntu 11.10 uninstall usb video virus vista wifi windows windows 7 windows 7 32 bit windows 7 64 bit windows xp wireless
Search
Search for:
Tech Support Guy Forums > Internet & Networking > Networking >
My NetGear Security Logs

Reply  
Thread Tools
pfiltz's Avatar
Member with 282 posts.
  
Join Date: Jan 2005
17-Nov-2009, 08:08 AM #1
My NetGear Security Logs
Thanks to the folks who suggested for me to look into getting my Netgear Routers to setup our IPSec VPN. Works great. Thanks.

I do have one question though.

I have setup some rules to help beef up security on them, to try and prevent hackers, such as.... These area of IT is a bit over my head to start with. I'll admit. I'm just a part-time IT person for a small company.

I have these rules in place

To Block Always

AIM
TELNET
DNS
FINGER
SQL-NET
NEWS
TFTP


WIth that being said, I see things like this in my log..

Tue, 2009-11-17 05:09:52 - ICMP packet - Source: 113.147.134.170 -
Destination: 65.81.104.5 - [ICMP Type: 8 Code: 0 Access Policy not
found, dropping packet from WAN]

Or

Tue, 2009-11-17 05:09:34 - UDP packet - Source: 91.62.97.138 -
Destination: 65.81.104.5 - [Access Policy not found, dropping packet Src
1044 Dst 6211 from WAN]

When I go out to whatsmyipaddress and check, those Source numbers are sometimes in China, UK, or where ever.

WHY?

I have a pretty lengthy password on the routers, and both are different. Anything else I should do to maximize security on them?

TIA
Register for free to hide this ad!
cwwozniak's Avatar
Computer Specs
Trusted Advisor with 32,994 posts.
  
Join Date: Nov 2005
Location: McHenry, IL - USA
Experience: Enough to be dangerous
17-Nov-2009, 12:20 PM #2
The access attempts were most likely hackers on the Interent scanning random blocks of public IP addresses looking for vulnerable systems. The router was just logging the fact that it blocked the incoming connection attempts. You can easily get several hundred blocked attempts per day.

There is another possibility if your Internet service uses dynamic public IP addresses. The previous user of the address that you now have may have been running a game server or a file sharing program and other computers are still trying to connect to their computer.
__________________
Chuck W.
I am not in this world to live up to your expectations, And you are not in this world to live up to mine. - Fritz Perls
midders's Avatar
Account Closed with 654 posts.
  
Join Date: Dec 1969
17-Nov-2009, 12:25 PM #3
For greatest possible security you should block all incoming and outgoing traffic by default and have specific allow rules for traffic that is permitted. Remote administration of your router should be disabled, so that only LAN users with the password can possibly change the router settings. Also disable UPnP unless it is specifically required by your company.
pfiltz's Avatar
Member with 282 posts.
  
Join Date: Jan 2005
18-Nov-2009, 08:35 AM #4
Appreciate the info guys...

My main concern of course, is security.

I'll disable UPnP as well.
Email This Email  Print This Print  Tweet This Send to Facebook Send to MySpace Send to StumbleUpon Digg This | More Services More
Reply

THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!

« Previous Thread | Networking | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who want to help you solve your computer problems. See our Welcome Guide to get started.
Thread Tools



Facebook Facebook Twitter Twitter TechGuy.tv TechGuy.tv Mobile TSG Mobile
Contact Us - HelpOnThe.Net - Archive - Terms of Service - Top
You Are Using:
Server ID
Advertisements do not imply our endorsement of that product or service.
All times are GMT -4. The time now is 11:28 PM.
Copyright © 1996 - 2011 TechGuy, Inc. All rights reserved.

 Powered by Cermak Technologies, Inc.