Ping attacks and TCP-no flag attacks

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
12

Ping attacks and TCP-no flag attacks

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Ping attacks and TCP-no flag attacks
Ping attacks and TCP-no flag attacks
2022-10-05 01:23:18
Model: ER7206 (TL-ER7206)  
Hardware Version: V1
Firmware Version: 1.2.1

Is there anything in the router config that can help prevent ping attacks and TCP no-flag attacks?

 

This is a new install. I've been seeing a few of these a day. 

  0      
  0      
#1
Options
18 Reply
Re:Ping attacks and TCP-no flag attacks
2022-10-05 08:46:41 - last edited 2022-10-05 08:46:57

  @Ajcke 

 

coming from one or different IP addresses ?

  0  
  0  
#2
Options
Re:Ping attacks and TCP-no flag attacks
2022-10-05 10:20:39
Where can I find that information?
  0  
  0  
#3
Options
Re:Ping attacks and TCP-no flag attacks
2022-10-05 10:20:40
Where can I find that information?
  0  
  0  
#4
Options
Re:Ping attacks and TCP-no flag attacks
2022-10-05 14:04:40

  @Ajcke The controller has a security section that allows you to block this kind of stuff. now there is no reason to do so, unless there is an active incident running. Most operating systems from this century have long included countermeasures against this. 

  0  
  0  
#5
Options
Re:Ping attacks and TCP-no flag attacks
2022-10-05 23:11:30

  @Ajcke 

preventing that from changing your ip address. so the guy will stop attacking you. 

but anyway, if you surf on the internet, you can be found by the ip address. use customized DNS to mask your ddns and ip

ScReW yOu gUyS. I aM GOinG hoMe. —————————————————————— For heaven's sake, can you write and describe your issue based on plain fact, common logic and a methodologic approach? Appreciate it.
  0  
  0  
#6
Options
Re:Ping attacks and TCP-no flag attacks
2022-10-06 18:07:18

  @crrodriguez 

 

The Omada controller was offline for a few hours again today, but I'm not seeing in the controller why. Maybe the Ping attacks and TCP-no flag attacks had nothing to do with the last event. Screenshots of what's in the network security section are listed below. Should I be looking in the controller or router GUI to why the Ping attacks and TCP-no flag attacks are occurring? Anything you recommend to modify?

 

  0  
  0  
#7
Options
Re:Ping attacks and TCP-no flag attacks
2022-10-06 18:20:56

  @Tedd404 

 

How can I customized DNS to mask my ddns and ip in the Omada controller?

  0  
  0  
#8
Options
Re:Ping attacks and TCP-no flag attacks
2022-10-06 20:50:04

  @Ajcke I recommend you to disable all those "packet anomaly" options, and only keep "Block TCP Packets with SYN and FIN Bits Set" and "Block TCP Packets with FIN Bit but No ACK Bit Set"  ticked.


All the other "protections" are for bugs in ancient, unsupported operating systems. one that suggest you to block fragmented traffic is particulary evil since having fragmented traffic on the internet is sub-optimal/annoying but otherwise ok.

in  the Firewall Options section leave ON only "syn cookies" options since you can live fine without (send/recieve) icmp redirects and broadcasts pings. 

  0  
  0  
#9
Options
Re:Ping attacks and TCP-no flag attacks
2022-10-07 17:33:36

  @GRL 

 

Would I find this info in the Omada controller or do I need to log into the router interface?

  0  
  0  
#10
Options
Re:Ping attacks and TCP-no flag attacks
2022-10-07 17:35:53

  @Tedd404 

 

How do I use customized DNS to mask my ddns and ip in Omada?

 

  0  
  0  
#11
Options