2
I was looking in the log on my router Netgear WNR-2000 today and found this log entry:
[DoS Attack: ACK Scan] from source: 78.72.133.126, port 27014, Friday, November 19,2010 10:49:04
What does this mean? I hardly believe that I'm under a "Dos Attack", but what does ACK Scan mean? is it a "port-scan" e.g. someone is looking what ports I have open?
Should I be worried? or is it just fine?
Jonas
Posted 2010-11-19T17:35:30.377
Reputation: 21 007
4
An ACK Scan is just that. Someone was scanning for acknowledgements from your router in the hopes they could cross your firewall and penetrate your network. An explanation with pics is available here:
http://www.networkuptime.com/nmap/page3-12.shtml
Should you be worried? Not if your equipment caught it. However, equipment won't catch everything.
Everett
Posted 2010-11-19T17:35:30.377
Reputation: 5 425
3
DoS = Denial of Service - This is just labeling this event as a possible DoS attack. There are different forms of it and this request is one part of this type of attack.
ACK = Acknowledgement - This is a stage of the TCP network protocol.
It is looking for open ports that will respond (acknowledge) a port request or ping. Your router/firewall sounds like it is doing its job.
I would only be partially concerned if it was happening a lot or if it was trying to communicate with a known open port you have. One entry is pretty common. Most people would be surprised how much their home internet connections get scanned for open ports.
Troggy
Posted 2010-11-19T17:35:30.377
Reputation: 10 191