Zyxel VMG1312-B10D: Your device is under attack.

Options
Luca_Nardini
Luca_Nardini Posts: 5
First Anniversary First Comment
edited March 2019 in Smart Home Product
Buongiorno.
Quali sono le cause che generano questo messaggio automatico (Your device is under attack) nel router Zyxel VMG1312-B10D?
E' frustrante non avere alcun tipo di spiegazione di questo problema.

Grazie.
Luca Nardini.

#CPE_Mar_2019

Comments

  • Zyxel_Support_CPE
    Zyxel_Support_CPE Posts: 188  Zyxel Employee
    First Anniversary
    Options

    Hi Luca_Nardini,

    Can you please let me know which situation you found this alarm message? And provide screenshot to me, thanks.  


  • Luca_Nardini
    Luca_Nardini Posts: 5
    First Anniversary First Comment
    edited February 2021
    Options

    This is the only information.
    How can block the IP's source?
  • tonygibbs16
    tonygibbs16 Posts: 860  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Hello @Zyxel_Support_CPE and @Luca_Nardini,

    I get similar messages recorded in Syslog messages from my VMG1312_B10D running V5.13(AAXA.10)C0 .

    Am I correct in thinking that this means that firewall is blocking the attacks, as I have it set on Medium?

    Kind regards,
         Tony

    SourceMessageHostnameTimestamp (Device)SeverityTagFacilityApp NameProc IdMsg IdData
      0 to 50
    04/02/2021 23:36:26192.168.1.1Feb 4 23:36:30 kern.alert kernel: IN=ppp2.3 OUT= MAC= SRC=103.145.13.60 DST=51.155.x.173 LEN=428 TOS=0x00 PREC=0x00 TTL=48 ID=53920 DF PROTO=UDP SPT=5209 DPT=5168 LEN=408 MARK=0x1000000000-00 00:00:0000
    04/02/2021 23:36:25192.168.1.1Feb 4 23:36:30 kern.alert kernel: IN=ppp2.3 OUT= MAC= SRC=103.145.13.60 DST=51.155.x.173 LEN=428 TOS=0x00 PREC=0x00 TTL=48 ID=53866 DF PROTO=UDP SPT=5209 DPT=5068 LEN=408 MARK=0x10000000
  • Luca_Nardini
    Options
    Hello tonygibbs16.
    Exactly!
    With your help I've find the correct menù.
    Thanks.
  • tonygibbs16
    tonygibbs16 Posts: 860  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Hello @Luca_Nardini

    You are welcome.

    Kind regards, Tony
  • Carlucc_88
    Options
    Ciao @Luca_Nardini

    Io ho lo stesso problema che ricevo quelle mail ogni 10 minuti circa.
    Come hai risolto???

    Grazie
  • Luca_Nardini
    Options
    Nessuna soluzione applicabile lato router.
    Abbiamo sfruttato il FailToBan del ns. firewall che blocca gli IP con troppi tentativi di accesso falliti. Dopo un po' gli attacchi si limitano sino a scomparire.
  • Carlucc_88
    Options
    Ciao @Luca_Nardini

    Io ho lo stesso problema che ricevo quelle mail ogni 10 minuti circa.
    Come hai risolto???

    Grazie

Consumer Product Help Center