Menu
What's new
By:
Filters Better Search

AI Protection Question - 384.5

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

A

armsAC3100

Regular Contributor
Starting with version 380.70 I added some IPTables entries attempting to eliminate intrusion attempts that I was finding in my log file.

I recently updated to 384.5 and am seeing External Attacks - "EXPLOIT Netcore Router Backdoor Access" messages in the AI Protection Two-Way IPS section.

I have set the offending IP address in IPTables as a drop.

Does AI Protection inspect the packet prior to IPTables? If not I do not understand why I am getting AI Protection Alerts.

By the way, put me on the list of AC3100 users having no network operational problems with 384.5 for a week now.

Just learning!, Al
 
armsAC3100 said:
Does AI Protection inspect the packet prior to IPTables? If not I do not understand why I am getting AI Protection Alerts.
Click to expand...

Hard to tell for sure since the DPI engine is closed source and implemented at the kernel level.
 
RMerlin said:
Hard to tell for sure since the DPI engine is closed source and implemented at the kernel level.
Click to expand...
Thanks... I'l assume that Iptables is being processed properly and AI Protection sees packets first.

Another question.... How can I clear the AI Protection event logs?

Al
 
armsAC3100 said:
Thanks... I'l assume that Iptables is being processed properly and AI Protection sees packets first.

Another question.... How can I clear the AI Protection event logs?

Al
Click to expand...

On the webui, there are icons to click on to delete both the hit counts and the history log.
 
You must log in or register to reply here.

Similar threads

YrbkMgr
AI Protection Alerts Coming From LAN Client
2
Replies
21
Views
3K
YrbkMgr
YrbkMgr
SeveranExpendere
RT AC68U - speed affected by AI protection
Replies
6
Views
7K
Makaveli
Makaveli
Johno
AI Protection alert - what does this alert mean exactly?
Replies
6
Views
7K
jrmtz85
J
beastobadness
Problems with recording line stats from my HG612 caused by AI Protection
Replies
0
Views
995
beastobadness
beastobadness
E
300 attacks since 6. november ?
Replies
9
Views
4K
MichaelCG
M
Similar threads
Thread starter Title Forum Replies Date
Q [Feature Request] Schedule DoS Protection state and/or whitelist option Asuswrt-Merlin 5
A Question about Asus Merlin Router behind a firewalla? Asuswrt-Merlin 8
D Solved Samba, LACP & WireGuard. Question. Asuswrt-Merlin 5
P Question on Wireguard tunnel configuration. Asuswrt-Merlin 9
D Solved ethtool question regarding at boot Asuswrt-Merlin 2
TheLyppardMan A question about WireGuard security Asuswrt-Merlin 25
A Question about network map Asuswrt-Merlin 2
X DNS Director - question Asuswrt-Merlin 6
Zakalwe WAN Aggregation Question Asuswrt-Merlin 18
F Question - Manual Firmware Update Asuswrt-Merlin 8

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 823 (members: 28, guests: 795)
Top