Dear sirs,
I found in this forum this thread, Peplink | Pepwave - Forum, saying the DoS is a feature which works on background and there are no way to managed or, which is critical, can’t see what it was blocked.
When PepLink will change this and provide this data in order to promote its equipments inline with enterprise solution and grant full OS without bugs and missing settings!?
Waiting your reply,
Best regards,
Adelio Moreira
Our products are not designed to be threat management devices, rather we focus on multi-WAN internet load balancing and bonded VPN solutions.
Hi,
Yes they are not designed to be a threat management but PepLink introduced DoS on its OS, which in basic concept of design this feature should show up what is doing…for sure i’m not the only one thinking about this.
Bet regards,
Adelio Moreira
Hi Tim,
Can you please shed some light on the DoS feature, how it works, in what conditions, this is just to understand what is in the background and maybe what will affect with the rest of our security products?
We fully understand the purpose of the Peplink and we should not rely on this device for DoS protection, but at the end of the day we need to know what exactly is doing.
Please help us out.
Thanks,
Charris Lappas
When this option is enabled, the unit will be protected by detecting the following types of intrusion and denial-of-service attack:
Port Scan
NMAP FIN/URG/PSH
Xmas Tree
Another Xmas Tree
Null Scan
SYN/RST
SYN/FIN
SYN Flood Prevention
Ping Flood Attack Prevention
Hi,
Can you please let us know what is doing? ie does it block the ip address for a certain amount of time?
Can we find any logs for these?
Thanks,
Charris Lappas
It block abnormal packet, such as TCP packet with all flags enabled (Malformed XMAS packet).
It block suspicious traffic, such as large volume of new TCP SYN packet (SYN Flood). We block the new TCP SYN packet generated by the suspicious IP till the “SYN Flood” is stopped.
We now don’t have any log if suspicious traffic is detected, but it will included in future firmware.
Hi Noel,
The large volume of new TCP SYN packets, it has a real number base on source/destination…
Thanks for you reply, i’ll wait for this new firmware which will log DoS events.
Best regards,
Adelio Moreira
Has any progress been made on this?
Is there the ability to log these intrusion attacks now? I see you had mentioned this would be included in a future firmware over 6 years ago. I just wanted to see if this was ever followed through on since someone last year asked about the progress on this.
I do not own a Peplink right now, but am looking to buy a new router soon. Packet filtering and logging for troubleshooting purposes and to know everything that is going on in the background security wise is very important to me. So I was curious and thought I would ask about this.
Thank you.
Peplink has a user interface demo here
Try it to see if the firewall rules (in and out) meet your needs.
I’ll try the online demo out this weekend when I have some more time to try and get a feel for things.
If it wasn’t for your wonderful website routersecurity.org (small plug) 
that I’ve been reading and re-reading over the past week, I would of never even known about Peplink routers or many of the other popular business class router/firewalls that are out there. Your website really is a wealth of knowledge in terms of learning about router security. Seriously, thank you for all that you put into it. It’s very easy to read and understand the way you explain things. Your honesty even talking about the pro’s and con’s on Peplink I found refreshing. I learned a lot. I especially enjoyed reading and learning about VLANs. That’s something I’ve never even heard of before. But now that I know about it, I definetly want to use in my next router.
I purchased my current router about 5 years ago after I got off the force-fed modem/router combo from my old isp. I only did research on consumer grade routers at the time, that’s all the review sites seemed to cover and talk about. Wish I had known back then about all these lower priced business grade routers that are out there. I only thought there were either consumer grade routers sold at the big box stores or the really expensive enterprise grade routers for business. I didn’t realize there were so many other options in-between.
Back when I got my router one of the main thing I cared about was long and consistant firmware support for security, which just ended recently. It was actually an older model to begin with when I bought it. Asus provided updates for about 10 years though which I find pretty remarkable. It was good enough for me at the time because I really didn’t have that many devices connected online like I do now. I used to mainly use my pc and a tablet and that’s about it. My pc has always been locked down really good and I’ve always ran really strong SPI network/application based firewall programs on it. They’ve always had very detailed and clean logging systems, which I love because it’s so informative from both a troubleshooting and security standpoint. I was always a big fan of advanced software based firewalls for a really long time. But things are so different now. I really need something to help me monitor and control everything a lot more.
Ability to use open source firmware was one of my other things I wanted when I got my router, just in case I ever wanted to go down that route. I actually tried 2 of the remaining open source firmwares that are out there recently. While they weren’t that bad, I was pretty disappointed with their firewalls. Looks like there iptables based (no GUI) which is not something I’d care to get into. Also I tried bridging on one of them to try and get VLAN support, but that didn’t seem to work out too well. So I’m probably done with that little experiment.
I just gotta do a lot more reading and research to see if I can find a router that I would be completely happy with. Anyways, sorry for rambling on for so long. Thanks again.