# Bekin N+ router problems or hacking attack



## peterwj (Jun 28, 2008)

I wonder if anyone can help? I am using a laptop with Vista Home Premium and the following spec:
Basic Hardware information:
Motherboard: Crestline & ICH8M Chipset
Basic I/O System(BIOS): Ver 1.00PARTTBL
Central Processing Unit(CPU): Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz
Physical Memory X 2
1GB
1GB
Hard Disk X 2
WDC WD1600BEVS-22RST0 (149.05GB)
IMD-0 (512.86MB)
Video Card: NVIDIA GeForce 8600M GS
Monitor: Generic PnP Monitor
Audio Device X 2
Realtek High Definition Audio
Network Adapter:
Local Area Connection 2 - Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0) (Media disconnected)
Wireless Network Connection - Intel(R) Wireless WiFi Link 4965AGN (Connected)
Modem: HDAUDIO Soft Data Fax Modem with SmartCP

I have just purchased a new Belkin N+ wireless router however my conection seems to slow down (and occasionally stop) compared to my older G router and although the router and the network sharing centre show a good connection. Does anyone have any ideas?
I use Kaspersky internet security v8, however my router firewall is showing this:
Mon Mar 2 17:37:29 2009 
=>Found attack from 121.14.155.156. 
Source port is 6000 and destination port is 445 which use the TCP protocol. 
Mon Mar 2 17:39:32 2009 
=>Found attack from 221.195.73.68. 
Source port is 12200 and destination port is 3128 which use the TCP protocol. 
Mon Mar 2 17:39:32 2009 
=>Found attack from 221.195.73.68. 
Source port is 12200 and destination port is 8000 which use the TCP protocol. 
Mon Mar 2 17:43:39 2009 
=>Found attack from 80.171.123.235. 
Source port is 20715 and destination port is 135 which use the TCP protocol. 
Mon Mar 2 17:48:48 2009 
=>Found attack from 80.192.246.205. 
Source port is 1316 and destination port is 1433 which use the TCP protocol. 
Mon Mar 2 17:53:27 2009 
=>Found attack from 80.192.246.205. 
Source port is 2435 and destination port is 1433 which use the TCP protocol. 
Mon Mar 2 17:53:27 2009 
=>Found attack from 80.191.155.162. 
Source port is 2429 and destination port is 445 which use the TCP p

Any suggestions as to what is happening?

Thanks


----------



## ThePistonDoctor (Mar 2, 2009)

I can't really tell from the logs what's going on because there's not too much information there, but maybe knowing what some of those ports are will give you an idea:

445 is SMB
3128 I believe is squid proxy
1433 is SQL server
8000 is an HTTP alternate
135 is Microsoft RPC

Any more information on what an "attack" is?

BTW, I don't think any of these items would be the reason your connection is dropping, unless there is LOTS of scanning going on.


----------

