Router says "ip spoofing attack"

Discussion in 'other firewalls' started by pandorax, Mar 31, 2012.

Thread Status:
Not open for further replies.
  1. pandorax

    pandorax Registered Member

    Joined:
    Feb 14, 2011
    Posts:
    386
    I enabled logging and it shows ip spoofing attack!


    ip spoofing - WAN UDP source:192.168.1.2:59365 | destination:my internal ip:port | ATTACK

    What is that?
     
    pandorax, Mar 31, 2012
    #1
  2. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,752
    Location:
    Toronto Canada
    The Hammer, Mar 31, 2012
    #2
  3. pandorax

    pandorax Registered Member

    Joined:
    Feb 14, 2011
    Posts:
    386
    So the log that i posted here is really attack or not?

    PS: It is happening when torrent open.
    New log;

    ip spoofing - WAN UDP 192.168.1.2:22134 internal ip:torrent port ATTACK
     
    Last edited: Mar 31, 2012
    pandorax, Mar 31, 2012
    #3
  4. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Here is a more readable explanations. Hacking into private home networks is more for TV-series.

    Intro: http://www.symantec.com/connect/articles/ip-spoofing-introduction

    explanation http://knight.segfaults.net/EE579/ look for the powerpoint IP Spoofing brief to class and IP spoofing powerpoint

    As a precaution, do the following:

    1. Have a wired backup
    Before taking precautions below, connect to your router with a wired PC, make sure this connection works. To prevent to be cut out, either by your own clumsiness or the (very) unlikely event of a hacker tacking over.

    2. Check access rights
    Disable remote admin/management capabilities and log-on options on your router. Check whether all access is protected with a password (some routers only have one admin, some two and some also user log-ins) and change them with your modem powered off.

    3. Limit number of available IP-addresses on the LAN
    limit the range of internal IP addresses to the number of clients you normally have on your LAN (don't forget the smartphone's).

    4. Check Source routing options
    Some routers have this, possibly under IP options/Advanced network setup. Look for anomolies from the default and disable this.

    5. Change network name and key
    Change the name of your network (by default the make of the router, give it another name to make it more difficult for attackers to know the weakspots of your router). Same with the encryption protection. Choose the strongest encryption type (WPA2), use a long longer than 12 characters pass phrase.


    I am not a fireall/router expert, there are a few on Wilders though
     
    Last edited: Apr 1, 2012
    Kees1958, Apr 1, 2012
    #4
  5. pandorax

    pandorax Registered Member

    Joined:
    Feb 14, 2011
    Posts:
    386
    Thanks @Kees1958. I think i have a tough wireless setup. I can make pocket filter in router. The thing is i don't know if it is torrent thing or a real threat! And this thing is far beyond average user o_O
     
    pandorax, Apr 1, 2012
    #5
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...