Hi @Anonymous 

It's quite common to see various DoS attacks in the Hub log - that just shows that the firewall is doing its job.  It's extremely unlikely that it's anything to do with you specifically - the available IP address ranges are known to attackers, and they just regularly try all of them to try and find a vulnerability.

Going by what you describe, the firewall is keeping you safe, your home devices remain uncompromised, and you have nothing to worry about.

Exactly

I'm not sure what to answer about the rest, but the number of IPV4 addresses is dwindling and will run out one day, which gives ISPs less room to just issue completely new addresses. (Talking just of your public internet IPV4 address here, which everyone sees on the internet, not addresses like 192.168.1.119 which are private and provided by the router/Smart Hub itself to each device on your home network.)

That's why everything is changing to IPV6, which in theory would allow every device on the planet to have its own personal IP address from the ISPs.

So chances are, the public IPV4 addresses we have now are pretty old and have been used all over the place for all sorts of different reasons. So that IPV4 address has its own "history" that follows it around so to speak.

It is even more so these days.

@Anonymous 

I've PM'd you with the number I was given for Trust & Safety.

Every one of our routers will get prodded and poked by malicious actors multiple times daily!  But the attackers will only linger on a specific device if it's vulnerable, or they have some reason to believe a compromised device is connected behind a router.  I'd suspect you may have a compromised device that is attracting attacks!

Are you maybe confusing internal private addresses with external public ones? Whenever my connection drops or the modem is rebooted I receive a new IPv4 addresses in a completely different range. I have never seen only the last three digits change.

Any idea why my router logs have never shown any DOS attacks in all the previous years I've been with BT?

No idea, sorry - this is the only unusual aspect to your entire scenario, in my opinion.

Same with the ISP addresses, why do BT recycle them if customers have reported being attacked from these numbers, since whoever it is (obviously more than one), then other customers who have the same ISP address with 3 different numbers at the end, will also be suffering from these same attacks.

There are a limited number of IPv4 addresses available, as others have said.  In total, there are about 3.7 billion public addresses.  Any ISP, such as BT, will only have available to it a small subset of this number, so they absolutely have to "recycle" them.  One of the main jobs of your hub is to take the one address you are given, and share that among all the devices on your home network - as @c64z86 points out, the shift to IPv6 will help with this, as it has many, many more addresses available (but don't hold your breath, it's been ongoing for 20 years or so).

The reason you often only see "3 different numbers at the end" changing when you get a new address is down to the fact that the earlier digits in the address are used by the network to route data to you.

Either way, changing your IP address is unlikely to stop the probes that you're seeing.  All possible addresses are already known to attackers, so they just periodically try addresses to see if the devices at those addresses are vulnerable.  Part of the firewall's job is just to make sure it ignores these probes, so the attacker doesn't see any response and moves on to another address.

What you are seeing is perfectly normal behaviour, and honestly not a cause for concern.