AMG1001-T10A NAT problem

Didier

Hi,
My home network is behind an AMG1001-T10A ADSL router and on my only desktop computer connected at
that time, I saw a connexion attempt which was blocked by my firewall:

16:20:58.878937 rule 0/0(match): block in on rl0: 125.64.94.208.57033 > 192.168.1.10.13215: UDP, length 0
16:20:58.878947 rule 0/0(match): block in on rl0: 125.64.94.208.57033 > 192.168.1.10.13215: UDP, length 0
16:20:58.879914 rule 0/0(match): block in on rl0: 125.64.94.208.57033 > 192.168.1.10.13215: UDP, length 0

The AMG1001 NAT router is redirecting only tcp ports 7547,80,443 to my desktop computer (192.168.1.10),
so I am surprised to see an attempt to connect to port 13215 which is normally not redirected.
This public IP 125.64.94.208 is from China and has been reported for scanning: https://www.abuseipdb.com/check/125.64.94.208

Do you think my router has been hacked ?
#CPE_January

Ansa

Hi.

It looks like the router blocked these traffic, based on current information, there is no clear clue shown your router has been hacked.
However, it would be highly recommend that you could check if there is any unusual settings in your router and also change the password for it.

Didier

Thank You Ansa for your reply,
I didn't left the default password and changed it for a strong password. All settings are Ok and I redirected port 7547 because this port is seen by default from the Internet. This router is not secured by defaut, so I changed ACL to disable access from WAN.
I am a bit worried about this router because it seems there is no more firmware updates.