How to stop SYN FLOODs

Found 8th Jun 2007
A few weeks ago I got my first router (had been using a basic modem before that) and on 5 occasions now my connection has stopped working thanks to a SYN FLOOD attack. My internet becomes unusable and the only way to get it working again is to restart the router, according to the logs the SYN FLOODs are happening every few seconds. According to everything I have read online SYN FLOODs are really old and basic attacks that any half decent router should prevent against by default.

The router I have is a Belkin ADSL Wireless G Router - F5D7632-4

Please can someone help me to stop these attacks & remember this is my first router so I am not too up on technical terms and whatnot.


example log:…txt
Community Updates
The fact that it is logged shows that it has handled it and I'd guess that the router has discarded the request.

It is an old method of attack, you should check out smurf attacks! ahhh that takes me back

Actually unless a lack of sleep is affecting my brain it looks like the syn flood has originated from your machine? is an Internet non routable IP address so it must be an IP address inside your network. Check to see if there is a firmware upgrade for your router.
I get SMURF attacks also, and UDP FLOOD TO HOST (or something like that?). People say to ignore the IPs as mostly they are spoofed. I don't know if it is 'working' or not, but it does make my internet unusable either way
Unless you have a static IP address if you were to leave your router offline over night you'd probably have a different IP address next time you started up. If you do that and you still get the same log entries it unlikely that someone is targeting you as they wouldn't know what you address has changed to, so logically speaking, it would seem likely that your machine is the source of the dodgy traffic.

If you are getting the same kind of traffic on different IP addresses I would get your machine checked over in case it has been infected with a trojan and/or is part of a bot network.

You can find you current internet facing IP address by going somewhere like this site:
My IP is static. And when you say machine, do you mean my computer or the router itself? I did a full scan of my computer on Tuesday to eliminate a virus from the picture, and my computer is officially as clean as a whistle.

Also I have the latest firmware on it.

I'm at a loss really
Have you spoken to your ISP to see if they can monitor traffic?

If you are undergoing a denial of service attack once it reaches your router the damage is done. It can drop packets to its hearts content but the flood of traffic has already consumed your bandwidth.
Post a comment

    Top Discussions

    Top Discussions

    Top Merchants