Got something else to discuss that is not covered by the previous forums? Post it here!
#6931 by mashean
Tue Apr 14, 2009 8:22 am
I have a D-Link DGL-4500 and it allows me to log certain things. One of which is which IP's it blocks from accessing my network. Prior to getting the OOMA I did not see any attempts to access my network from IPs originating in China and Russia.

I picked up my OOMA and placed it between my modem and router (Modem - OOMA - Router). It was setup that way for about 2 weeks. However, I recently changed that and placed the OOMA within my router and now I see there are a lot of blocked packets that originate from China. Anybody else notice this type of thing? Anything to be concerned about? The IP that starts with 91 is from Russia...

Some recent examples below... I see hundreds of attempts in my logs...

[INFO] Tue Apr 14 09:09:17 2009 Blocked incoming UDP packet from 117.57.215.106:1544 to *MY IP*:43143
[INFO] Tue Apr 14 09:02:20 2009 Blocked incoming TCP connection request from 222.175.213.206:6000 to *MY IP*:2967
[INFO] Tue Apr 14 08:56:32 2009 Blocked incoming UDP packet from 91.204.128.6:52833 to *MY IP*:43143
[INFO] Tue Apr 14 08:51:52 2009 Blocked incoming UDP packet from 202.97.238.238:51634 to *MY IP*:1026
[INFO] Tue Apr 14 08:44:51 2009 Blocked incoming TCP connection request from 222.215.230.49:12200 to *MY IP*:3128
[INFO] Tue Apr 14 08:43:44 2009 Blocked incoming TCP connection request from 222.215.230.49:12200 to *MY IP*:8000
[INFO] Tue Apr 14 08:42:37 2009 Blocked incoming TCP connection request from 222.215.230.49:12200 to *MY IP*:7212
#6959 by ooma-fan
Tue Apr 14, 2009 10:44 am
Prior to getting your OOMA, did you have any applications constantly accepting incoming traffics? If yes, I guess you'd see the similar incoming attempts.

I used to have a web server running 24 hours a day behind my modem/router, and noted lot of attempts virtually from everywhere, trying to hack into my server, if I did not enable my firewall.

Looking at the OOMA setting, I guess OOMA hub uses VPN for the traffic to its remote server, so OOMA solution might be considered quite secured one.

As for protecting our home LAN, it's always good to have a router/firewall implemented. OOMA hub has sort of the function, but with very limited end-user control capability/visibility
#6975 by mashean
Tue Apr 14, 2009 11:33 am
ooma-fan wrote:Prior to getting your OOMA, did you have any applications constantly accepting incoming traffics? If yes, I guess you'd see the similar incoming attempts.


The answer to that is no. That's why I posted here since I didn't see anything like this until after my OOMA was installed.

Thanks for your responses everybody. I've read that I should just add the IP blocks to my inbound filter. I think that's what I'll do.

Who is online

Users browsing this forum: No registered users and 8 guests