Zyxel VMG1312-B10D: Your device is under attack.

Luca_Nardini
Luca_Nardini Posts: 3
First Comment Third Anniversary
edited March 2019 in Smart Home Product
Buongiorno.
Quali sono le cause che generano questo messaggio automatico (Your device is under attack) nel router Zyxel VMG1312-B10D?
E' frustrante non avere alcun tipo di spiegazione di questo problema.

Grazie.
Luca Nardini.

#CPE_Mar_2019

Comments

  • Zyxel_Support_CPE
    Zyxel_Support_CPE Posts: 187  Zyxel Employee

    Hi Luca_Nardini,

    Can you please let me know which situation you found this alarm message? And provide screenshot to me, thanks.  


  • Luca_Nardini
    Luca_Nardini Posts: 3
    First Comment Third Anniversary
    edited February 2021

    This is the only information.
    How can block the IP's source?
  • tonygibbs16
    tonygibbs16 Posts: 435
    5 Answers First Comment Friend Collector Second Anniversary
     Master Member
    Hello @Zyxel_Support_CPE and @Luca_Nardini,

    I get similar messages recorded in Syslog messages from my VMG1312_B10D running V5.13(AAXA.10)C0 .

    Am I correct in thinking that this means that firewall is blocking the attacks, as I have it set on Medium?

    Kind regards,
         Tony

    SourceMessageHostnameTimestamp (Device)SeverityTagFacilityApp NameProc IdMsg IdData
      0 to 50
    04/02/2021 23:36:26192.168.1.1Feb 4 23:36:30 kern.alert kernel: IN=ppp2.3 OUT= MAC= SRC=103.145.13.60 DST=51.155.x.173 LEN=428 TOS=0x00 PREC=0x00 TTL=48 ID=53920 DF PROTO=UDP SPT=5209 DPT=5168 LEN=408 MARK=0x1000000000-00 00:00:0000
    04/02/2021 23:36:25192.168.1.1Feb 4 23:36:30 kern.alert kernel: IN=ppp2.3 OUT= MAC= SRC=103.145.13.60 DST=51.155.x.173 LEN=428 TOS=0x00 PREC=0x00 TTL=48 ID=53866 DF PROTO=UDP SPT=5209 DPT=5068 LEN=408 MARK=0x10000000
  • Hello tonygibbs16.
    Exactly!
    With your help I've find the correct menù.
    Thanks.
  • tonygibbs16
    tonygibbs16 Posts: 435
    5 Answers First Comment Friend Collector Second Anniversary
     Master Member
    Hello @Luca_Nardini

    You are welcome.

    Kind regards, Tony
  • Ciao @Luca_Nardini

    Io ho lo stesso problema che ricevo quelle mail ogni 10 minuti circa.
    Come hai risolto???

    Grazie
  • Nessuna soluzione applicabile lato router.
    Abbiamo sfruttato il FailToBan del ns. firewall che blocca gli IP con troppi tentativi di accesso falliti. Dopo un po' gli attacchi si limitano sino a scomparire.
  • Ciao @Luca_Nardini

    Io ho lo stesso problema che ricevo quelle mail ogni 10 minuti circa.
    Come hai risolto???

    Grazie

Consumer Product Help Center