# Router LOG "Unknown inbound session stopped"



## AphexDreamer (Mar 3, 2014)

My firewall keeps getting hammered with people all over Asia trying to find an open port. Is this normal, should i be concerned? Regardless if it is normal or not is there anything I can do to try and prevent this from happening? It feels like I'm in that movie 13 ghosts. I can see the scary ghosts behind the glass but I just fear them breaking out.

The three IP's I checked from the source have been in Korea, China and Taiwan so far.


----------



## puma99dk| (Mar 3, 2014)

u have remote access activated in your router?


----------



## jboydgolfer (Mar 3, 2014)

Router's Log a LOT of "suspicious" activity , that is neither a REAL threat , or something that can even be stopped by the router owner. I MUST have 100 D-DOS entries in MY router Log, but they are BS. I'm not saying that Your Log entries are ALSO BS, but it help's to first See if You can identify the entry,Then, before spending MORE time on it, find out if Your particular problem is Something that can be terminated/controlled By You(MANY of the times I've looked into a issue , or Log entry from MY router, and found that after spending time looking, I have NO tools @ my disposal to even stop the issue I was having,which is VERY frustrating)...I'd go to the router's OEM forum, and poke around there, Chances are if You are seeing it, then a LOT of others have as well. The final option, is in Your Router's Web based UI, You COULD just turn off the Logging of particular events, But I would only do that if You DO find out that it is harmless. Finally, while experiencing these Event's, Check to see if there is any OTHER issues, i.e. performance loss, fluctuating performance, or the like, it may help rooting out the problem/cause.

Best of Luck


----------



## AphexDreamer (Mar 3, 2014)

puma99dk| said:


> u have remote access activated in your router?



Yes i do. I don't think I can turn this off on a 2Wire Router. 



jboydgolfer said:


> Router's Log a LOT of "suspicious" activity , that is neither a REAL threat , or something that can even be stopped by the router owner. I MUST have 100 D-DOS entries in MY router Log, but they are BS. I'm not saying that Your Log entries are ALSO BS, but it help's to first See if You can identify the entry,Then, before spending MORE time on it, find out if Your particular problem is Something that can be terminated/controlled By You(MANY of the times I've looked into a issue , or Log entry from MY router, and found that after spending time looking, I have NO tools @ my disposal to even stop the issue I was having,which is VERY frustrating)...I'd go to the router's OEM forum, and poke around there, Chances are if You are seeing it, then a LOT of others have as well. The final option, is in Your Router's Web based UI, You COULD just turn off the Logging of particular events, But I would only do that if You DO find out that it is harmless. Finally, while experiencing these Event's, Check to see if there is any OTHER issues, i.e. performance loss, fluctuating performance, or the like, it may help rooting out the problem/cause.
> 
> Best of Luck



It has been the slightly higher ping in lol and spontanous drop outs that had me looking into my log to begin with. Sucks to hear I probably can't do anything about it. I'll keep digging I guess.


----------



## Mussels (Mar 3, 2014)

most likely random hack attempts, botnets/worms.


dont DMZ and you should be fine.


----------



## remixedcat (Mar 4, 2014)

Mussels said:


> most likely random hack attempts, botnets/worms.
> 
> 
> dont DMZ and you should be fine.




This. Also if you ever run torrents you will be constantly 'attacked" after you open utorrent on your system. often times RIAA/MPAA do port scans and stuff of all connections that even connect to non-music-movie torrents, as they are bots developed by the,


----------



## Steevo (Mar 7, 2014)

Asia Pacific Center and other DNS/gateway hosts are always spidering the web for new info on servers and ports, sometimes it is legit, other times it is a worm, or probe trying to attempt connections, fewer than 100 a second isn't a real issue. If the router has stealth mode where it generates no reply to any probes turn it on.


----------

