Problem with Router,packet was blocked by IDS

Status
Not open for further replies.

tumex81

Reputable
Oct 19, 2015
17
0
4,510
Hello all, i have a problem and not sure how to solve it. My ESET Nod warned me about something called "Detected ARP cache poisoning attack'' never saw that before. So I searched on the internet and found a solution. According to eset I should do DNS Flush so I did. It said that if its any other IP on the list expect from my router address I should do DNS Flush and there was one with different IP. Should i be worried even more than i am right now?

I don't know if that's fixed,but I've noticed there is also a message " packet blocked by active defense (IDS) " and according to firewall log from their site and i quote " Packet was blocked by IDS without specific reason. You should not see this log." What in the world does that mean ? I've tried to find something to fix that but couldn't so I decided to ask here.

I ran "Scan your network for threats and vulnerabilities" in Nod and it said that I have open network services : Port 23 , Telnet and TCP. I checked for Telnet in Control Panel and box is unchecked, went to: http://www.t1shopper.com/tools/port-scan/# and there it said that port 23 is closed.
I have absolutely no idea what is happening. I'm a bit flustered from this situation, so pardon me if something here is confusing. I tried my best to explain my situation.Feel free to ask anything.

I've just noticed that my sister's laptop is the one that is sending " packet blocked by active defense (IDS)" . She is connected via cable. Activity from my pc has stopped for now only this one remains.

What should my course of action be ? What should I do ?
Thank you in advance and sorry for long text , Tumex81
 

tumex81

Reputable
Oct 19, 2015
17
0
4,510


First of all thank you for such fast response.
1.Restarted my router and whole host of things popped up. Not sure what any of those mean, nothing about "ARP cache poisoning attack" tho. And also the thing about IDS popped up as well.
It said (i'll just retype them here ):communication denied by rule block incoming wsd requests events for System, then same line as above just the end is different, incoming multicast DNS requests, incoming SSDP(UPNP) request for svchost.exe, incoming NETBIOS requests. Those are all new. I am quite terrified right now lol.

2.I downloaded Malwarebytes just to be sure and only thing Malwarebytes found is cheat engine that i used to activate some thing in DMC4. It is now in quarantine. I made a log from Malwarebytes , if you want I can copy it here.
3.I scanned with Nod and nothing came up. Everything was clean.

Thank you once again !
 

tumex81

Reputable
Oct 19, 2015
17
0
4,510


Well it so happens that i a have rotten luck. Every router I've seen online had check for firmware updates, but mine doesn't. Damn it !
I also couldn't find any credible source to dl but i don't even know if there's one for mine. Is there anything else i could do ?
Do you think changing the router would help ?
thanks !

 

tumex81

Reputable
Oct 19, 2015
17
0
4,510


I had no idea that happened, like I said just my luck xD

Thank you so much once again!
 

tumex81

Reputable
Oct 19, 2015
17
0
4,510


I completely understand and thank you! It seems to me that this router is outdated or i don't even know. I'll keep on looking just in case.
 
Status
Not open for further replies.