A DoS attack on the TCP Listener (port 5555)

[Scorpion69]

I run the latest SoftEther VPN on my windows 10 64-bit workstation
- I had it set-up to connect on the localhost using port 5555
- The only port I have open on my Cisco 2620xm router is the UDP port I listen on for the OpenVPN connection.

I started getting these errors on my syslog server:

A DoS attack on the TCP Listener (port 5555) has been detected. The connecting source IP address is 127.0.0.1(Windows10x64), port number is 15149. This connection will be forcefully disconnected now.

The port number would vary......but I was under a DoS attack......and they were coming in fast.
I could not connect to the SoftEther server thru the port 5555 I set-up........... so I had to kill the service.

I restarted the service and changed the config to connect to the workstation IP address......and use port 443
I got rid of the port 5555.

Everything is OK ........but can someone please tell WTF happened????

[raafat]

Hi there!, you can not always trust what programs say (:, anyway, after all, it depends on how your Cisco router determines a Dos attack, what definitions are used by your Cisco router to determine that a Dos attack has been detected, as i said it depends on your Cisco router definitions of a Dos attack.


Good luck (:

[thisjun]

Please try to change the VPN server configuration to disable DoS protection.

declare Listener0
{
bool DisableDos false <- true
bool Enabled true
uint Port 443
}