HELP!! My new Asus power-house gets denial of service by GRC portscan

[Cartel]

I just bought this router RT-N66U B1
and was excited to run merlin on it. 380.67

I loaded the July 2017 version, set up my configuration and as I do always on a new router, ran GRC shields up to make sure there were no open ports and such.
To my horror, the router became non-responsive and basically stopped working, internet would not load at all till the test completed (I can only guess it completed cause the webpage timed out).

Whats going on?

My very first router from 2004, a dlink 524 passed this test easily, so did every router I owned till now.

This cant be right, can it?

 

[Cartel]

https://www.grc.com/x/ne.dll?bh0bkyd2

link to the asus smasher, click proceed and then click All Service Ports.

Some interesting logs

Jul 22 00:47:01 kernel: (020405B4)
Jul 22 01:00:34 disk_monitor: Got SIGALRM...
Jul 22 01:13:01 kernel: URGP=0 OPT (020405B4)

 

[john9527]

I just bought this router and was excited to run merlin on it.
I loaded the July 2017 version

Welcome to the forum.
What router and exactly what firmware level? Please always include this info in your posts. We aren't 'Carnac the Magnificent'

But to your report, turn off Dropped Packets logging if you have it enabled. The syslog logging of the dropped packets during the port scan can't keep up. (On my LTS fork I rate limit the logging to prevent the 'hang').

 

[Cartel]

RT-N66U B1
380.67

 

[Striker317]

I just bought this router RT-N66U B1
and was excited to run merlin on it. 380.67

I loaded the July 2017 version, set up my configuration and as I do always on a new router, ran GRC shields up to make sure there were no open ports and such.
To my horror, the router became non-responsive and basically stopped working, internet would not load at all till the test completed (I can only guess it completed cause the webpage timed out).

Whats going on?

My very first router from 2004, a dlink 524 passed this test easily, so did every router I owned till now.

This cant be right, can it?

Hopefully this thread doesn't become a indictment of the brand of snake oil that Steve Gibson perpetuates.


Sent from my iPhone using Tapatalk

 

[Cartel]

I've narrowed it down to the firewall "Logged packets"which I had set to dropped.
disabling it fixes the issue.
Both merlin and factory f/w have this issue, which basically makes it possible to dos these routers with ease.

 

[bbunge]

Smasher? Powerhouse? N66U is far from that but still a good router...

Sent from my P01M using Tapatalk

 

[pete y testing]

a indictment of the brand of snake oil that Steve Gibson perpetuates.

hmmmmm....................... , tin foil hat

 

[RMerlin]

I've narrowed it down to the firewall "Logged packets"which I had set to dropped.
disabling it fixes the issue.
Both merlin and factory f/w have this issue, which basically makes it possible to dos these routers with ease.

Enabling what is a debugging option and not a normal operational option can have that effect...

 

[AndreiV]

I've narrowed it down to the firewall "Logged packets"which I had set to dropped.
disabling it fixes the issue.
Both merlin and factory f/w have this issue, which basically makes it possible to dos these routers with ease.

Sorry but you are talking out of your hat.

Logging and actually dropping packets are very different things. My AC3200 has zero issues with running GRC's port scan tests and all the other Asus routers I have had have managed perfectly well.

The "excitement" and unnecessary exclamation points are quite telling.