×

Switch Account

Are these hack attacks to my Quantum Router?

Are these hack attacks to my Quantum Router?

Reply
Nickel Contributor
Nickel Contributor
Posts: 47
Registered: ‎06-03-2011
Message 1 of 4
(4,172 Views)

Have 30 to 50 of these messages per day after I installed the New FIOS Quantum Router. Am I being attacked?

 src={edited for privacy} = these id numbers change all the time.

NOTE I HAVE Wi-Fi Protected Setup (WPS) OFF!

 

Jun 2 01:17:09 2017ulogd[664]notice<173> Blocked IN=eth0 OUT= MAC=48:5d:36:e4:a0:dd:f4:b5:2f:01:57:c2:08:00 src={edited for privacy} DST={edited for privacy} LEN=52 TOS=00 PREC=0x00 TTL=58 ID=60937 DF PROTO=TCP SPT=443 DPT=53950 SEQ=12866182 ACK=2344947956 WINDOW=118 ACK URGP=0 MARK=0

 

 

3 REPLIES 3
Highlighted
Platinum Contributor III Platinum Contributor III
Platinum Contributor III
Posts: 7,391
Registered: ‎12-15-2010
Message 2 of 4
(4,081 Views)

Looks like typical Internet noise. 

 

The IP address provided in that Firewall log is coming from an Opera Mini Proxy service. So likely it is someone's browser trying to access an HTTP server which was previously residing on the public IP addres you now have.

Highlighted
Platinum Contributor III Platinum Contributor III
Platinum Contributor III
Posts: 7,771
Registered: ‎11-04-2008
Message 3 of 4
(4,022 Views)

may want to edit this post.

You have publicly posted your IP address for your router.

Someone that knows router security deficiencies could access it.


If a forum member gives an answer you like, give them the Kudos they deserve. If a member gives you the answer to your question, mark the answer as Accepted Solution so others can see the solution to the problem.
Highlighted
Bronze Contributor II
Bronze Contributor II
Posts: 75
Registered: ‎12-28-2011
Message 4 of 4
(3,026 Views)

Smith - Long time since I was on DSL Reports and got your great help and advice.  Nice to see you here!

I just got my 1Gbps FIOS two days ago and have now read identical entries in my Quantum Security Log.  I looked up a few source IPs.  A few were from Google.  At least one was from Avast, which I use for AV.  One was from windows.com of Microsoft.  But one was located in Moscow!

Hostname	hosted-by.ihc.ru
IP	178.57.222.100
Domain	ihc.ru
Organization	IHC.RU network in Digital Hub
Location	Russia

This is exciting!  Putin's boys want to spy on me!!!  (I think they'll die of boredom.)

Anyway, for the one entry indicating that a something from Avast was "Blocked" -- do I need to do anything?  I would think not because Avast has always been able to update itself.

Just close out and go have breakfast, yes?

But - is there any app that will watch the security log and make me an additional log that will automatically show the actual owners of the IP addresses?  So I don't have to look them up manually?

Thanks, Smith!

How-To Videos
 
The following videos were produced by users like you!
   
Videos are subject to the Verizon Fios Community Terms of Service and User Guidelines and contains content that is not created by Verizon.


Browse Categories
Categories:
Posts

Verizon Troubleshooters
Unable to find your answer here? Try searching Verizon Troubleshooters for more options.