Hot Downloads



The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: router reporting frequent security alerts

router reporting frequent security alerts 12 years 11 months ago #14048

Recently configured my router to email me when it detects a DoS attack or a port scan.

i'm finding very frequent UDP and TCP Packet DoS alerts.

an example

TCP Packet -,xxxx Destination:xxx.x.x.xx,xxxxx - [DOS]

what is going on here surely there can't be that many DoS attacks on my network everyday.

Re: router reporting frequent security alerts 12 years 11 months ago #14049

  • nske
  • nske's Avatar
  • Offline
  • Expert Member
  • Expert Member
  • Posts: 613
  • Thank you received: 0
Well, we should know more on what kind of traffic the router considers abnormal and marks as a DoS. Unfortunately the example doesn't say anything.

Some things that would be useful to clarify:
- Does the suspicious traffic come from within the network or from the outside?
- Is there some apparent pattern on the traffic? I.e, is it destined to a specific host and coming from multiple soures, or the opposite?
- What is the duration of each "attack" and what hosts of your network does it involve (operating system, role -if they serve as a workstation or to provide some kind of services)

You could configure your router to log the full header information of the traffic, or ideally the whole traffic including the payload. This should provide enough information to tell what's going on ;)
  • Page:
  • 1
Time to create page: 0.095 seconds


Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V


  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup