cancel
Showing results for 
Search instead for 
Did you mean: 

DG834G Firewall configuration

PLC
Grafter
Posts: 58
Registered: 30-07-2007

DG834G Firewall configuration

I have this set to the defaults. I am getting an increasing number of alerts from IP addresses that purport to be from +net addresses. Is the default being over zealous and where can I find a set of rules that will provide me with adequate protection but stop my mailbox being filled with reports? Of course I could just turn the reporting off but this seems to defeat the whole object. Alternatively should I just regard the various attempts to attack as a fact of life?
9 REPLIES
N/A

Re: DG834G Firewall configuration

Quote
I have this set to the defaults. I am getting an increasing number of alerts from IP addresses that purport to be from +net addresses.



Hi Peter

I'm also getting an increase in my daily reports. I have the same router as yourself. Today I had to click on over three hundred delete post boxes! I have sent all the information to abuse@plus.net but always get an automated reply and no follow up.

To prevent the time wasted deleting loads of emails I have set my router not to email me, I think it will be easier to look at the logs when I'm logged in and delete them there.

Seems like it's a problem we have to cope with!

    :x
PLC
Grafter
Posts: 58
Registered: 30-07-2007

Reply

Thanks for that. Glad to know I am not the only one. Perhaps someone from +Net support will comment.
N/A

DG834G Firewall configuration

The firewall is doing its job, so leave it to carry on doing it.
The reporting is not really required unless you want to be flooded with report mails with every little ping. The only time to worry, is it your connection slows, then log onto the router and check if a DOS attack is taking place. After, you can submit the IP add of the DOS attack to abuse.
PLC
Grafter
Posts: 58
Registered: 30-07-2007

Reply

Thanks for that.
N/A

DG834G Firewall configuration

Same problem, same router!

It's a small world, init.
N/A

DG834G Firewall configuration

It's not a problem, just a fact of life. You are going to get scans and DOS attacks. It's just how paranoid you want to be about them.
Just think, if you didn't have a firewall, or one that logged attempts, you would know no difference.
Random TCP pings can be ignored unless they continue from one source for hours on end. DOS (Denial of Service) attacks for a minute or so can also be ingnored. Long term DOS attacks should be reported.
N/A

DG834G Firewall configuration

I've have the same Router and get a huge number of attacks, mainly from plusnet and force9 customers. Some go on for hours. When I first approached support they said that it was probably caused by people having virus or trojan on their PC. If that's the case then shouldn't these people be warned and asked to sort their PCs out. I shall continue to report back to support. The more that complain the more chance of some action.

Does anyone know how to set up reporting to exclude IP adress starting 80.229. That would solve a lot of the problem.
Community Veteran
Posts: 14,469
Registered: 30-07-2007

DG834G Firewall configuration

Where are you reporting them? You should send firewall logs/evidence to abuse@plus.net to be actioned. Raising a ticket may not always find it's way to the abuse dept.

PlusNet do take this activity very seriously and will take action with the systems / owners concerned but they can't if they are not told about it..
N/A

DG834G Firewall configuration

Thanks Peter. Logs on their way.