Monday, June 28, 2010
Windows Firewall warnings; DoS RST warnings on logs from home routers
I went and looked at my home router logs, and found a few entries like this at about that time:
"[DoS Attack: RST Scan] from source: 18.104.22.168, port 80, Monday, June 28,2010 07:55:21"
Domain Tools showed that the IP address belongs to Microsoft, so I can only guess that an ad on the television station website tried to open an unusual and non-permitted port. Or perhaps it’s a real “Microslop” bug, since it’s not repeatable. The logs showed no evidence of neighborhood "wardriving."
NetGear’s own forum is here.
Apparently iPillion (here) collects complaints by ISP.
According to this writeup routers normally warn of attempted attacks. But why the Firewall problem? The warnings are usually on Port 80.