LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page Whats is Router Logs
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 10-19-2023, 06:07 PM   #1
4pr3nd1z
LQ Newbie
 
Registered: Jan 2022
Distribution: Debian
Posts: 23

Rep: Reputation: 0
Question Whats is Router Logs

Hi guys,
I have a question, I'm not sure this is the place for my concern. Please excuse me.
It turns out that I have an Arris model HFC modem, the same one that the operator provides.
Entering the administration panel: -> Utilities -> System Logs
I find the following record somewhat intriguing, I want to know its meaning.

Specifically about the lines that are marked in bold

Code:
2023-10-19 18:38:18.00 [DOS]UDP Packet - Source:192.168.254.254,652 Destination:192.168.254.253,59446
2023-10-19 18:38:20.00 [PRIV TCP packet: ]TCP Packet - Source:222.103.170.183,56597 Destination:[IpPublic],23
2023-10-19 18:38:22.00 [UNPRIV TCP packet: ]TCP Packet - Source:95.214.55.244,44965 Destination:[IpPublic],3629
2023-10-19 18:38:27.00 [DOS]UDP Packet - Source:192.168.254.254,707 Destination:192.168.254.253,111
2023-10-19 18:38:30.00 [UNPRIV TCP packet: ]TCP Packet - Source:162.142.125.133,42575 Destination:[IpPublic],21872
2023-10-19 18:38:35.00 [DOS]UDP Packet - Source:192.168.254.254,756 Destination:192.168.254.253,59446
2023-10-19 18:38:42.00 [DOS]UDP Packet - Source:192.168.254.254,806 Destination:192.168.254.253,59446
2023-10-19 18:38:50.00 [DOS]UDP Packet - Source:192.168.254.254,857 Destination:192.168.254.253,111
Searching on Google, I found similar cases but without a positive resolution result.

In advance, very grateful for your help.

I leave as a reference links of blogs consulted:
- https://www.reddit.com/r/Network/com...ntermittently/
- https://linustechtips.com/topic/1416...ernal-~-modem/

Apparently it has to do with one of my devices that works on the 5G network.
- https://forums.tomshardware.com/thre...-time.3486503/
 
Old 10-19-2023, 06:46 PM   #2
GlennsPref
Senior Member
 
Registered: Apr 2004
Location: Brisbane, Australia
Distribution: Devuan
Posts: 3,660
Blog Entries: 33

Rep: Reputation: 283Reputation: 283Reputation: 283
Hi I'm no expert...

whois , a command that shows who an ip address belongs.
Code:
whois 192.168.254.253
and an article on ddos attacks

udp packets...https://www.cloudflare.com/en-gb/lea...-protocol-udp/

it looks to me as though your router is continually searching for systems on your network.

I'm pretty sure 192.168.254.254 is on a private network address. ref. https://en.wikipedia.org/wiki/Reserved_IP_addresses
Code:
192.168.0.0/16 	192.168.0.0–192.168.255.255 	65536 	Private network 	Used for local communications within a private network.[3]
I hope this helps you.
Last edited by GlennsPref; 10-19-2023 at 06:49 PM. Reason: example whois...
 
Old 10-20-2023, 12:57 AM   #3
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 22,129

Rep: Reputation: 7374Reputation: 7374Reputation: 7374Reputation: 7374Reputation: 7374Reputation: 7374Reputation: 7374Reputation: 7374Reputation: 7374Reputation: 7374Reputation: 7374
I guess 192.168.254.254 is your router, but you need to know it.
 
Old 10-21-2023, 12:44 AM   #4
allend
LQ 5k Club
 
Registered: Oct 2003
Location: Melbourne
Distribution: Slackware64-15.0
Posts: 6,389

Rep: Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764
Without knowing the capabilities of the modem, my guess is the DOS indicates discovery of service, looking for attached network storage using NFS (portmap uses port 111) or Xsan (proprietary protocol reported to use ports 49152-65535).
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Back up logs file and create a script showing the backed up logs and the running logs Billy_6052 Programming 5 12-13-2014 02:32 AM
Firewall logs in logs and terminal... robbow52 Debian 7 11-20-2004 07:13 PM
Firefox logs user out? Where are error logs? case1984 Linux - General 0 10-09-2004 02:22 PM
Separate firewall logs and general logs dominant Linux - General 3 04-20-2004 01:26 AM
Apache logs - ???Linux logs??? mylo2003 Linux - General 3 08-07-2003 04:49 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:59 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration