last few days been getting loss of connection and checked my log to find these:
|22:32:48 21 May||IDS proto parser : tcp data on syn segment (1 of 1) : 184.108.40.206 220.127.116.11 0048 TCP 80->30292 [S.A...] seq 2584009912 ack 2799536762 win 65535|
|22:17:26 21 May||IDS proto parser : tcp data on syn segment (1 of 1) : 18.104.22.168 22.214.171.124 0049 TCP 80->23626 [S.A...] seq 86295214 ack 303281271 win 65535|
|22:15:06 21 May||IDS proto parser : tcp data on syn segment (1 of 1) : 126.96.36.199 188.8.131.52 0045 TCP 80->32150 [S.A...] seq 3658408954 ack 763267955 win 65535|
is this a bad thing and how do i stop it?
I've got exactly the same thing happening on my machine. Thing is, I've been suffering from ever decreasing speeds and dropped connections for a few weeks now (think it could have been a faulty ASDL filter - but still monitoring). Until about 0400 hours today, when I was asleep in bed, the Broadband Router had been running with no lost connections for 19 hours.
The IDS messages started four days ago, and on looking at Connections I don't have any for 21/05 - whole day missing, even though I was connecting.
I've looked everywhere to try and find how to clear these IDS logs out but there doesn't seem to be a way of doing it on Homehub 2.
I've run full security checks on my machine and nothing found.
Having now been up (ADSL connection running OK since 0400 hours, I'm loathe to restart the hub, if that is what is required, because BT will then lower my speeds ago.
Any ideas please?
Thanks for replying so quickly. I had a look at Wireshark and ran the demo video by Gerald Comb - but this is way above my level of comprehension!
I presume that I should not have someone trying to get in to my router, but that the router is stopping this behaviour (as far as it can?). I also presume if they stop trying to get in to my computer, the logs will stop and run off the page eventually. Is that right?
However, is it this intrusion which is slowing my machine down? I've looked at everything else.
The intrusions are not going to get past the firewall of the home hub, so they are not going to slow your machine down.
There are many reasons for computers to run slowly. If the computer runs slowly when it is not connected to the Internet, then the problem lies within your computer somewhere, depending on which operating system you are using.
The BT supplied software (on the CD) can make many computers run very slowly.
A common cause of slowdown is lots of temporary internet files caused by Internet Explorer allocating too much space. 5mb is more than enough on a broadband connection.
Wireshark is no use unless you have access to an Ethernet Hub (Not a switch), so you can intercept the Ethernet connection directly out of the Ethernet port on the home hub. It will not work on wireless connections.
You also need to know what to look for when using Wireshark.
I do not use the wireless on the home hub as it is too unreliable. I have a separate wireless access point using a spare BT Voyager modem.