I have a RVS4000 Gigabit Security Router sitting between my pc and modem, my modem doesn't have a firewall, and interestingly these are the things it has been blocking recently. Possible DoS HGOD SynKiller Flooding BAD_TCP_FLAG P2P Vagaa connection attempt - 2 IP_BAD_TCP_L4_SIZE DoS MS-SQL Slammer Worm Can a firewall expert explain 1 by 1 what they are?
HGOd is a utility for creating Denial of Service attacks, SYN is one of the switches that can be used for to create a specific attack type, i.e. syn floods This indicates a TCP frame was received with inappropriate flags, syn/fin back-to-back. This can be used by something like nmap when probing for OS types, as different operating systems respond differently. Vagaa is a somewhat depreciated Chinese p2p client. If you're not running the client, it's probably Internet background noise. L4 refers to layer 4 in the OSI stack an example an L4 protocol is TCP. receipt of these frames could indicate probing for OS detection, based on windows size. As with the TCP bad Flag, different operating systems respond differently. A older worm used to exploit an old version of Microsoft SQL server. Most of these could simpley be background traffic, such is the Internet. However, if you're seeing these in high quantities, you may want to investigate further, as some of them can degrade bandwidth.