Concerning NETGEAR router log (LAN access from Remote)

October 5, 2015 at 22:01:43
Specs: Windows 7
To start... a quick notice concerning my knowledge of this area, its very unknown, so please forgive me if I show a lack of understanding of certain concepts. (P.S. writing this at midnight)

Alright here is the current problem. Recently, my internet has been dreadfully slow, and it has not been fun to deal with. Due to this problem I decided to take a look into this problem. Some information that might be important:

Router is a little over 5 years old
My router at this moment hosts about 7 people at a given time.
The router is a WNDR3300
Me including 2 other people play games requiring internet connection (Multiplayer)

My first thought was, my router is just old and we need to get a newer one, however, I wanted to be sure, so I checked my router's logs and found this.

[LAN access from remote] from to Monday, Oct 05,2015

also I noticed this:

[Self2WAN ICMP type b Detected!] To prevent from revealing router's activity, this packet is dr Monday, Oct 05,2015

These two things scare me, because ICMP is (I believe) "ping" or some sort of request/reply thing... (Sorry, probably butchered it). I have been told, that this could be a potential security risk.

Thanks for reading and if it turns out to be nothing, that is great. And if its something... well time to work.

See More: Concerning NETGEAR router log (LAN access from Remote)

Report •

October 5, 2015 at 23:22:01
After 5 years your router needs replacing unless it's a Billion model costing £150 plus like mine. The other run-of-mill ones (Netgear, D-Link, Linksys, Belkin etc) have a life of only a few years.

LAN access from remote: someone outside your house has been using your WiFi connection. You need to change your wireless key and encryption type. Also change login password for router configuration.

Self2WAN ICMP type b: This has been blocked by your router's hardware firewall so okay there. Hacking attempts are very common, what's important is that it gets blocked.

For beefed up security you need to install a good software firewall on your PC like Comodo.

message edited by phil22

Report •

October 6, 2015 at 11:23:03
I hate to be disagreeable phil22 but I can't agree when you say "The other run-of-mill ones (Netgear, D-Link, Linksys, Belkin etc) have a life of only a few years"

I'm running a Linksys WRT54GL (with Tomato firmware) in my home and have been for around 7 years now. The original release date of this piece of hardware was somewhere around 2002/2003 and there are actually quite a few of them still running out there. FWIW, I did shut off the wireless on it when I bought a dual radio Access Point that I plugged into the router. The old girl is only G/B and single band (radio).

I've had devices that were brand new and didn't work out of the box and others that worked for years and years and years. Unless you get some major malfunction, devices like a SOHO Router or a switch should run basically forever.

While I wouldn't rule out a hardware issue regarding the OP's question, I would start troubleshooting elsewhere.

The OP states there are 7 people on this LAN two of which game a lot. My big question is, are any of the other 5 (and/or the 2 gamers) also downloading a lot files or streaming video when you notice this slow down?

If two or three other LAN users are streaming video (ie: Netflix or something like that) or downloading big files at the same time you're testing or gaming, that would explain the loss of bandwidth.

Troubleshooting is fairly simple. Disconnect everybody with a wired connection (except the test machine) and deny service to all wireless clients and then run a bandwidth test. Then enable/reconnect everybody and test again a few hours later (gives them time to get back to doing what they were). Then test again the following day. If there's no difference with only the one machine (again, a wired connection) doing the bandwidth test as versus all clients connected, then chances are you may be having provider issues or hardware issues.

If however, the bandwidth is as good as can be expected, then the issue is other users on the LAN hogging up the bandwidth. Video streaming and downloading are very bandwidth intense. I'm a gamer myself and I can normally tell when my wife fires up a video or Netflix when I'm gaming as my game gets a little choppy.

If it is a case of bandwidth saturation you have options. If your present router is able to do bandwidth limiting you could choke the others who are sucking it all up. Or you could get a bigger package from your provider (if that's an option, it's not where I live).

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***

Report •

October 6, 2015 at 19:19:10
I looked up the ip that was in the log. It turns out it is some sort of ISP in Taiwan? I also went a bit deeper in the logs, and also found that Comcast is listed as well. Are these ISPs accessing my router, because of our gaming?

Also I believe it IS hardware, we have moved several times recently. I have a suspicion that the electronics box got put outside in the heat, and possibly screwed it up. I'll look into buying a new router.

message edited by Firebeats

Report •

Related Solutions

October 8, 2015 at 09:33:17
First off, if you check your logs you'll see all kinds of attempts that basically mean nothing. I have port scans like you wouldn't believe logged in mine. Mostly people from China trying ssh. This is popular on my SOHO Router as I have ssh opened and forwarded to my UNIX firewall that sits between my SOHO Router and my LAN.

That's not what's causing your slow down issues.

People with nefarious intent scan looking for openings they can exploit and ssh (port 22) is a popular one as is the RDC (windows remote desktop) port. A lot just set their software to scan all known ports and report back to them. If your firewall is setup correctly and you haven't opened any ports (via a port forward for example) then you have nothing to worry about from the scans.

You have not responded to my troubleshooting attempts. Did you try any of it? Did you even ask how many users in your LAN are running Netflix (or something like it)? Did you ask if anybody in your LAN is running point-to-point sharing software down/uploading in bulk?

If not, stop contemplating what you think may be the problem and follow the troubleshooting steps you're asked to take.

If you're not going to listen and do as we suggest, we can't help you.

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***

Report •

October 9, 2015 at 21:26:41
Okay, sorry for not executing the troubleshooting sooner! I was too busy finishing up projects and tests for high-school. Anyways here are the results.

Wired (Only Test Machine):
Download: 65.5 Mbps (Bits) 65.5/3 = ~22 MB
Upload: 15 Mbps (Bits) 15/3 = 5MB
Wireless (Only Test Machine):
Download: ~16 Mbps (Bits) 16/3 = ~5MB
Upload: ~10 Mbps (Bits) 10/3 = ~3MB

Wired (Everyone doing their own thing)
Download: 70Mbps (Bits) 70/3 = ~23MB
Upload: 11Mbps (Bits) 11/3 = ~3MB
Wireless (Everyone doing their thing)
Download: 11Mbps (Bits) 11/3 = ~3MB
Upload: 8Mbps (Bits) 8/2 = ~3MB

The results for the two tests for wired test machine were essentially the same.

So, (To me) it does indeed look like its not the router, but all of our connections to the router (There were about 11 connections). However, what I find interesting is how the wireless connection is basically the same as when everyone was doing their own thing.

One of my family members streams Netflix and uses other streaming services, but its at night. He tries to stream in 4k (BIIIIIG DATA USE).

Another watches streams on twitch, while playing a game (Varies from multi to single player).

Another watches YouTube.

And I game. I moved the router and the modem to a different room, to plug into my PC, and my family members PC (The one who games and watches streams). I did not really see a difference, but its deducts two people off from the wireless list.

What do you suggest I do next? Also, thanks for helping me out!

Forgot to put wired for "everyone doing their thing". I might send another update about that same wired, because I think they thought I was still testing.

message edited by Firebeats

Report •

October 12, 2015 at 05:05:53
Ok, your troubleshooting showed what I expected. Your wired connection(s) performs well regardless of load on your LAN. Your wireless doesn't perform quite so well. With a bigger load on the LAN, the less well wireless performs. This is expected.

One thing to remember when it comes to networking is that wireless will never perform as well as wired. So if you're an avid gamer (I am) you will want whatever device you're gaming on to be physically connected to the network with a network cable (as versus wireless) whenever possible. This will improve performance and reduce latency and lag.

I didn't think to ask what type of wireless devices you're running, and how many of them. I would recommend you have at the very least a Wireless N device. If possible, dual radio (2.4 and 5.0 GHz) If you're running an older device, then buy yourself at least one, and perhaps two, depending on budget and the size of your home, dual radio "N" access points and add them to your network. If you presently only have a single wireless device, then all wireless clients are connecting to it and that will decrease performance. Adding one or two more devices would reduce overall load on any single device and help balance the wireless load as well.

Lets say you have a typical two floor, bungalow with approx. 1000 sq ft on the main floor. Lets also assume your internet and router, are in one end of the main floor of your home. If you buy two AP's (access points) and both are dual radio "N" devices, I would put one in the middle of the basement, and the other at the far end of the main floor. This would provide better coverage of your home. It would also provide stronger signal to users in the basement or far end of the house opposite the router. It would spread clients over the 3 wireless devices as well.

If possible, you would want to connect them to your router via a network cable but if that's not at all possible, get the kind that allow you to extend your wireless network. Wired would again be much better because network load would aggregate on extendable devices.

With adequate coverage using recently made wireless access points connected to your router (or 1 Gig switch) with wired connections you would get the best possible performance from your wireless LAN.

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***

Report •

Ask Question