Since upgrading to the official DD-WRT firmware I'm having a strange issue. I'm running Symantec Endpoint Protection (SEP) 11.06 on all my computers and they periodically pop up with a message indicating that a denial of service attack was detected from the IP of my router, then it starts blocking web access. When I disable SEP I can get to the internet. The SEP log has these entries:
Denial of Service "UDP Flood Attack" attack detected.
Description:
An excessive number of User Datagram Protocol (UDP) packets are being generated on this computer causing 100% CPU utilization.
Traffic from IP address 192.168.11.1 is blocked from 9/21/2010 10:44:17 PM to 9/21/2010 10:54:17 PM.
Active Response that started at 09/21/2010 22:44:17 is disengaged. The traffic from IP address 192.168.11.1 was blocked for 600 second(s).
I'd contact Symantec about this but I've been using SEP on my network with the WZR-HP-G300NH for several months without issue until I upgraded the firmware.
Anyone? I emailed Buffalo support and never got a response, and now I'm getting no response here. Makes me wonder about them.
Did you find a resolution to the issue? I am facing a similar problem with Tomato and Linksys hardware.
I did (no thanks to Buffalo support or this forum). In SEP I turned off denial of service detection. Not sure why the Buffalo is simulating DOS attacks on my computers (again, Buffalo support was non-responsive), but that stopped SEP freaking out. Eventually I went back to the old non DD-WRT firmware because of that and other issues it was causing.
you got these errors becasue of the network services list option on the router GUI. The router (for example) can be used as a WOL client for PC's/devices on the network, WOL operates on UDP port 7 and 9.
If your software thought this was a DDOS attack then it is an issue with the software.
Hi,
I had the same problem with using my company laptop installed with Symantec Endpoint Protection when I connected to my recently bought WZR-HP-AG300H.
After searching through internet, I found the solution in http://www.symantec.com/connect/forums/endpoint-protection-blocks-ip-my-router.
Basically you should disable "List Network Services" functionality from Admin Config/Name menu. I tested and now it works without any problem.
Cheers,
Skyinn