Menu
What's new
By:
Filters Better Search

Asus Network Service Blacklist Filter

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

D

DaDDz66

New Around Here
I got a warning from my IPS that a device on my network was infected with mirai bot, likely on a smart device. Could not tell me what device. Network is monitored and scanned with Nod32 and Malwarebytes, but as I understand it they won't pick up anything on a smart device on the network. It's using port 23 tcp. Telnet is disabled in the router settings. I'm not really clear if it can still use 23 for outgoing traffic from the device? Can I blacklist port 23 across the network in using the network service filter in my Asus AC86U? How to I get rid of this. Thanks in advance.
 
If you have a device on your LAN that is infected you can't use the router to stop it scanning other devices on your LAN, because the trafffic is switched not routed. However you can use the Network Services Filter to block outgoing traffic with a destination of port 23 and 2323. That would stop it infecting other people on the internet.

If you're seeing the alert in Asus' AiProtection I would have thought it should identify the source IP address?
 
ColinTaylor said:
If you have a device on your LAN that is infected you can't use the router to stop it scanning other devices on your LAN, because the trafffic is switched not routed. However you can use the Network Services Filter to block outgoing traffic with a destination of port 23 and 2323. That would stop it infecting other people on the internet.

If you're seeing the alert in Asus' AiProtection I would have thought it should identify the source IP address?
Click to expand...

Thanks for responding. Yes that's what I want to do is use Network Services Filter to block outgoing traffic. Just not clear on how I set that up in the router filter page. Do I leave everything blank and just add the the port in the form since I haven't identified the device or ip?
Only got the alert from my isp. Embarrassed to say I've never looked at the AiProtection. It's on now.
 
It think it should look like this. Although I don't know whether that would prevent AiProtection from detecting the infected source device (which is what you really want).

Untitled.png
 
Last edited:
DaDDz66 said:
Thanks for responding. Yes that's what I want to do is use Network Services Filter to block outgoing traffic. Just not clear on how I set that up in the router filter page. Do I leave everything blank and just add the the port in the form since I haven't identified the device or ip?
Only got the alert from my isp. Embarrassed to say I've never looked at the AiProtection. It's on now.
Click to expand...
I wouldn’t block anything just yet. Turn on the aiprotection and find out what device it is. Then get rid of it
 
ColinTaylor said:
It think it should look like this. Although I don't know whether that would prevent AiProtection from detecting the infected source device (which is what you really want).

View attachment 26753
Click to expand...
Thanks, that's how I set it up. My primary goal was satisfying my isp so they don't disable my account. I'll have to look at how well AiProtection works at detecting Mirai?
 
ATLga said:
I wouldn’t block anything just yet. Turn on the aiprotection and find out what device it is. Then get rid of it
Click to expand...
I'll disable the filter in a couple days and watch for Aiprotection to see where it is. Is it good a detecting these type of infections? Never used it or paid any attention to the feature, regretfully.
 
You must log in or register to reply here.

Similar threads

V
Asus RT-AX88U Block port 25 outbound correct settings
Replies
10
Views
549
coxhaus
C
R
Wireless MAC (Band filter filtering out Guest network)
Replies
2
Views
106
recharging
R
kaanaslan
DSL-AC88U Port Forwarding doesn't seem to be working when not in the local network
Replies
5
Views
452
kaanaslan
kaanaslan
M
Wireless Mac filter defaulting to whitelist.
Replies
5
Views
212
sfx2000
sfx2000
A
Skynet when to use banmalware over blacklist and vise versa (+ Hardening?)
Replies
0
Views
252
applysci
A
Similar threads
Thread starter Title Forum Replies Date
G Issue with Non-Asus Router in AIMesh Network ASUS AC Routers & Adapters (Wi-Fi 5) 5
F (Paid) IT & Networking (Asus) Specialist Needed for Optimal Network Configuration ASUS AC Routers & Adapters (Wi-Fi 5) 3
M Asus RT-AC68U ASUS AC Routers & Adapters (Wi-Fi 5) 5
P Asus 4g ac68u no wifi and lan detection ASUS AC Routers & Adapters (Wi-Fi 5) 0
A ASUS RT-AC86U ASUS AC Routers & Adapters (Wi-Fi 5) 0
Rana Imran Android Devices Won't Connect to ASUS RT-AC5300 5GHz Band ASUS AC Routers & Adapters (Wi-Fi 5) 3
Chinquapin Asus RT-AC56U Android Client gives: Error message: X509:parse_perm:error in cert::error:0480006C:PEM routines::no start ASUS AC Routers & Adapters (Wi-Fi 5) 0
D Asus DSL-AC68U can someone check my line stats ASUS AC Routers & Adapters (Wi-Fi 5) 0
S Asus gt ax1100 ASUS AC Routers & Adapters (Wi-Fi 5) 11
V router asus rt-ac86u LIMIT ASUS AC Routers & Adapters (Wi-Fi 5) 11

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 892 (members: 28, guests: 864)
Top