|
|
| Page 1 of 1 |
Phluxed
VIP Member
Posts: 4911
Location: Oakville, Ontario, Canada
|
 Posted: Sat, 10th Sep 2005 00:50 Post subject: Router Issue |
|
 |
Since there is no networking forum that I can find, I'll post ths here and hope for the best.
I'm using a D-Link DI-624 router and trying to play NHL2006 over it. I opened the ports like it said to, but I am unable to connec to games. It just times out. I've recently looked at the log only to find during the time of attempted connections the router log reads:
Sep/09/2005 13:40:35 SYN Flood Attack Detect Packet Dropped
Sep/09/2005 13:40:34 SYN Flood Attack Detect Packet Dropped
Sep/09/2005 13:40:33 SYN Flood Attack Detect Packet Dropped
Sep/09/2005 13:40:32 SYN Flood Attack Detect Packet Dropped
Sep/09/2005 13:40:31 SYN Flood Attack Detect Packet Dropped
Sep/09/2005 13:40:30 SYN Flood Attack Detect Packet Dropped
Sep/09/2005 13:40:29 SYN Flood Attack Detect Packet Dropped
Sep/09/2005 13:40:27 SYN Flood Attack Detect Packet Dropped
Sep/09/2005 13:40:26 SYN Flood Attack Detect Packet Dropped
which to me, means that its thinking the attempted P2P connection of NHL2006 is actually an attack. Does anyone know a way to fix this or disable this protection?
|
|
| Back to top |
|
|
[sYn]
[Moderator] Elitist
Posts: 8374
|
| Posted: Sat, 10th Sep 2005 01:17 Post subject: |
|
|
A syn flood is what I know best (thus the name) - The SYN flood attack sends TCP connections requests faster than a machine can process them.
* attacker creates a random source address for each packet
* SYN flag set in each packet is a request to open a new connection to the server from the spoofed IP address
* victim responds to spoofed IP address, then waits for confirmation that never arrives (waits about 3 minutes)
* victim's connection table fills up waiting for replies
* after table fills up, all new connections are ignored
* legitimate users are ignored as well, and cannot access the server
* once attacker stops flooding server, it usually goes back to normal state (SYN floods rarely crash servers)
* newer operating systems manage resources better, making it more difficult to overflow tables, but still are vulnerable
* SYN flood can be used as part of other attacks, such as disabling one side of a connection in TCP hijacking, or by preventing authentication or logging between servers.
Based on this I would suggest that the machine your trying to connect to cannot be reached or does not exist. Did you open UDP and TCP? Also, do you have a "hack attempt" blocker - some routers come with IDS's which could kick in and block the connection.
|
|
| Back to top |
|
|
Phluxed
VIP Member
Posts: 4911
Location: Oakville, Ontario, Canada
|
| Posted: Sat, 10th Sep 2005 01:32 Post subject: |
|
|
I don't believe I have a hack attempt blocker. If I do, I don't have a clue where to look for it in the router settings. The UDP and TCP were opened as per request of the manual that came with the game, but every site I've tested the ports on, has said the ports are closed. I know I've done it right, but something just doesn't seem to be working.. Also what's an IDS, does it go by another name?
|
|
| Back to top |
|
|
headshot
VIP Member
Posts: 35872
Location: UK
|
| Posted: Sat, 10th Sep 2005 01:43 Post subject: |
|
|
I believe IDS is intrusion detection system but I could be wrong.
May the NFOrce be with you always.
|
|
| Back to top |
|
|
Phluxed
VIP Member
Posts: 4911
Location: Oakville, Ontario, Canada
|
| Posted: Sat, 10th Sep 2005 01:45 Post subject: |
|
|
I think my router has it built in, but.. I don't think I can disable it. I mean theres a thing in the log settings that lets me disable the logging of 'attacks or intrusions' but I can't find in any of the advanced settings a way to turn the actual detection off...
|
|
| Back to top |
|
|
[sYn]
[Moderator] Elitist
Posts: 8374
|
| Posted: Sat, 10th Sep 2005 02:31 Post subject: |
|
|
| headshot wrote: | | I believe IDS is intrusion detection system but I could be wrong. |
Yup, like a firewall, but with brains.
| Phluxed wrote: | | I think my router has it built in, but.. I don't think I can disable it. I mean theres a thing in the log settings that lets me disable the logging of 'attacks or intrusions' but I can't find in any of the advanced settings a way to turn the actual detection off... |
Mmmm there must be a way! Its no doubt the IDS causing issues, although your machine is saying those ports are still blocked..
Windows firewall?
Other firewall?
|
|
| Back to top |
|
|
Phluxed
VIP Member
Posts: 4911
Location: Oakville, Ontario, Canada
|
| Posted: Sat, 10th Sep 2005 02:40 Post subject: |
|
|
None, Don't run any. TBH, we don't keep any sensitive data on this network, we have a secured one for all our banking and the like. This one is for gaming and if I didn't requre the wireless, I'd go with the hub... I'm going to have another look in the router settings.
|
|
| Back to top |
|
|
| Page 1 of 1 |
All times are GMT + 1 Hour |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB 2.0.8 © 2001, 2002 phpBB Group
|
|
 |
|
