Watch this video to see why we scan with Grif's help:
Here's Grif's list of scanners. All free.
So I live in an apartment near campus shared with 3 other girls. Now I understand sometimes others might be hogging bandwidth with streaming and downloads potentially but lately (past few weeks) I see our speed throttled from 15mb down (what it should be and has been for the past few months pretty regularly) and dropps drastically during the speed test down to ~2-5mb download.
I felt this was ridiculous and I've contacted TWC about it a few times but I can't really tell if it's a combination of the latest modem issues/DNS servers dropping and the typical TWC speed declines during certain times of the day.
I checked out my logs on my netgear router and I found something that seemed off. I noticed on computer on the network is constantly getting
[LAN access from remote] from 188.8.131.52:12561 to xxx.xxx.x.x:45712 Monday, Oct 20,2014 23:02:07
I see this every second/few seconds SAME port. After some research I saw it could be related to the upnp exploit so I disabled that. I also disabled this port for that ip address since I didn't see it occuring on any other device on the network.
I thought this might have fixed the issue but I can't tell at the moment because I watch downdetector.com and noticed there are some problems in this area as well.
I'm still experiencing download speed throttled to about 5mb.
Anyone have some input if this is the correct course of action or some other potential ideas?
I also see some other lines in the router logs that seem suspicious
[Service blocked: ICMP_echo_req] from source 184.108.40.206, Monday, Oct 20,2014 23:15:41
[DHCP IP: (xxx.xxx.x.xx)] to MAC address x, Monday, Oct 20,2014 23:15:05 (this is probably my doing after blocking that port)
[DoS attack: FIN Scan] attack packets in last 20 sec from ip [220.127.116.11], Monday, Oct 20,2014 23:11:19 (this I don't see as often but I see it frequently enough to be concerned.
I proceeded to tell all my room mates to download malwarebytes and spybot search and destroy and run some scans to see if they can clear up the worst of the mess.
Am I over reacting?