cancel
Showing results for 
Search instead for 
Did you mean: 

Router warns of DOS from PlusNet?

N/A

Router warns of DOS from PlusNet?

Past 2 days my Netgear D384G has been sending me security alerts like these:

UDP Packet - Source:212.159.13.49,53 [DOS]

or

UDP Packet - Source:212.159.13.50,53 [DOS]

Trying to connect to port 1051 on my IP. Using a Ping -a I resolve those 2 addresses as
pth-cdns01.plus.net
pth-cdns02.plus.net

And im pretty sure port 53 is DNS related, but not sure what would be using port 1051.. Since they are Plus.Net DNS (?) servers Im assuming its all ok? Anything I should be concerned with?
4 REPLIES
N/A

Router warns of DOS from PlusNet?


I have been receiving these for the last two days. I voice the same concerns as yourself.
N/A

Router warns of DOS from PlusNet?

Glad its not just me then. Just finished checking my system over and theres nothing different about it or any of the other pcs on the lan.

Search on Google for UDP 1051 only brings up results about "optima-vnet", but I have never heard of that.
N/A

Router warns of DOS from PlusNet?

Every connections you make to a remote system, or every connection made to you, has a source ip and port, and a destination ip and port.

In this case, the source IP is the DNS server and port for DNS queries.

The destination IP is yourself, along with a destination port of 1051. This is perfectly normal.

As for the DOS reports, you can safely ignore them.

They are normaly caused by over zelous firewalls. In this case, by rather delayed DNS queries. The firewall thinks they should have completed, so reports a DOS when they finaly do arrive.
N/A

Router warns of DOS from PlusNet?

Had another look at this, and it turns out my "bittorrent test machine" that I have been using to test plus.net torrent speeds is making these requests. svchost has binded itself to port 1051 and is doing.. whatever its doing... Its just a completely fresh XP SP2 installation with no configuration. Anyway if your interested you can use:

netstat -a -p udp -b

to find out what application is binded to the port.