What's new

Should I enable ASUS DoS Protection

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Col8eral

Regular Contributor
I notice in my Asus RT-AC88U under Firewall>General there is an option to enable DoS protection. The default is sett o "No". Is there any reason I shouldn't enable this feature?

Many thanks
 
are you running a server that talks across the internet ( ie through the router to the WAN ) ?
If not, don't bother.
If you are, are you a likely target ?
if not, don't bother.
If you are, why are you messing with consumer equipment ?
You can turn it on if you like. it likely won't matter.
 
Hi and thanks for the response. I dont use a server, so perhaps I'll leave it switched off.
unlike what the guy above said, DoS protection is for both the router and devices behind it. Enable it regardless of whether or not you run a server. Disable it if you are stress testing the router to see if it survives a lot of load.
 
I have always had it enabled and it's never been an issue for me, i don't see why you wouldn't enable it, i mean it says it will increase routers workload but i have never noticed a difference on both rt-ac68u and rt-ac86u so i keep it enabled, anything that offers any kind of extra protection, as long as it doesn't make doing things that should be easy, very difficult or impossible then i generally i am all for it and that does not apply in this case, enable it and forget about it :)
 
I have enabled it. It hasn't increased any load on the router. I'll just leave I enabled and forget about it.
 
Hi, I recently purchased my own domain and am using Cloudflare as my DNS nameserver in order to take advantage of IP proxying, DDoS protection, and other services they offer. I am hosting various applications on my Synology NAS for external access and most work great. However, I found that the Synology DSM page in particular was loading extremely slow, sometimes it would not load at all. I tried a lot of different things from modifying Cloudflare options, to changing Synology security settings, tweaking nginx proxy manager...to no avail. The only thing I have found that has worked is disabling the Asus DoS protection.

My question is, if I am going to leave the Asus DoS protection disabled, is there any other alternatives or additional DoS protection I should or could use? Or is the protection offered by Cloudflare and the Synology enough?

On the router front, I have AiProtection on and I have Adamm00's Skynet firewall installed/enabled as well. Any insights or suggestions appreciated!
 
DoS protection on consumer grade routers coupled with usualy slow internet access is just marketing.
Sort of like security in airports. There just to make you feel safer, but in reality does jack squat on top of large queues and unnecessary frisks.
 
DoS protection on consumer grade routers coupled with usualy slow internet access is just marketing.
Sort of like security in airports. There just to make you feel safer, but in reality does jack squat on top of large queues and unnecessary frisks.
Not only DoS Protection but also all of security features on consumer grade routers. AiProtection? Kidding me? It's just Placebo effect. But a lot of users still believe that those features can protect them.:eek:
 
Casa Griswald uses DoS and AiProtrection (see sig).
 
IMHO OFC you should enable it.. Regardless of public facing WAN services running or otherwise. Hackers will still be scanning & looking for weakness even if they are simply probing.

It does exactly what it say's on the tin... it stops/slows down attacks. AiProtect also does a fine job, 2-way IDP in particular has protected me from multiple hacking attempts. "SSH Bruteforce" & "Remote code executions attempts" to name but a few..
Is it as powerful as Snort? nope, BUT IMHO I would rather have some protection rather than no protection..

Also, its really helpful to protect against drive-by download webpages too.. Plus, the captured logs attacks protected against are tracked with timestamps AND by ATTACKER_SRC_IP Very useful. Its faster for me to check my AiProtect stats page in the router UI than to wither crawl through 1000 lines of syslog events..

Lastly, if like me you actually check / monitor syslog or have Asus pipe out its syslog events to another server, like I have setup Syslog Server running on my NAS and notice all those SYN/UDP "Denied" entries that is IDP in effect. Plus using this method you can setup alerts for kernel/debug/error/alarm or warnings etc.. Very informative and helps protect my network.

It rate limits attackers active scans of your network. its why you see ip addresses from scanners spaced out to try and avoid detection.

As for the "enabled verses disabled debate due to increased resource usage" I find that running AiProtect and DDoS protection, When enabled its well within nominal bounds. IDK specifically if all computational needs get off loaded to cpu stack or if it is done in RAM or not? all I know is that consumer grade or not it works very well.. It provides a good coverage against basic script kiddies and offers a great baseline which at the very least protect from older CVE vulnerabilities. I'm currently using this as a second line defence in my homelab.. is a no brainer, definitely not a placebo.. I say this as I do not rely on it 100% its part of the mix I use... underneath CF Tunnels and policy based routing etc etc.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top