DoS attack: ACK Scan

Discussion in 'Network Help' started by sodapop554, Jul 26, 2012.


Thread Status:
Not open for further replies.
  1. sodapop554 Elite Member

    I check my router's logs every few hours or so lately since every hour got to be quite annoying. As of just now checking before bed like usual I noticed the following log.

    Thursday, Jul 26,2012 04:30:57
    [DoS attack: ACK Scan] attack packets in last 20 sec from ip [184.172.165.210]



    Before making this thread I did a quick Google search & from there it says that it's a Bangladesh IP. Also the 1st search result is about something called Flash Chat Design Studio. I've only gotten this log once so far however what exactly does this all mean?
  2. xXBludnmunyXx Tech Member

    Sodapop, props on being conscious of network!

    I'll do my own little research and get back to you.
  3. sodapop554 Elite Member

    Thanks & yeah I just wish I was as conscious when I 1st got this router. Originally I just set it & forgot about it completely, I only changed the default pass & started checking the logs regularly about a couple months ago.

  5. Arctos You may call me Arctos.

    Here is the result for 184.172.165.210

    #
    # Query terms are ambiguous. The query is assumed to be:
    # "n ! NET-184-172-0-0-1"
    #
    # Use "?" to get help.
    #

    #
    # The following results may also be obtained via:
    # http://whois.arin.net/rest/nets;handle=NET-184-172-0-0-1?showDetails=true&showARIN=false&ext=netref2
    #

    NetRange: 184.172.0.0 - 184.173.255.255
    CIDR: 184.172.0.0/15
    OriginAS: AS36420, AS30315, AS13749, AS21844
    NetName: NETBLK-THEPLANET-BLK-17
    NetHandle: NET-184-172-0-0-1
    Parent: NET-184-0-0-0-0
    NetType: Direct Allocation
    RegDate: 2010-10-06
    Updated: 2012-02-24
    Ref: http://whois.arin.net/rest/net/NET-184-172-0-0-1


    OrgName: ThePlanet.com Internet Services, Inc.
    OrgId: TPCM
    Address: 315 Capitol
    Address: Suite 205
    City: Houston
    StateProv: TX
    PostalCode: 77002
    Country: US
    RegDate: 1999-08-31
    Updated: 2010-10-13
    Ref: http://whois.arin.net/rest/org/TPCM

    ReferralServer: rwhois://rwhois.theplanet.com:4321

    OrgNOCHandle: THEPL-ARIN
    OrgNOCName: The Planet NOC
    OrgNOCPhone: +1-281-714-3555
    OrgNOCEmail: noc@theplanet.com
    OrgNOCRef: http://whois.arin.net/rest/poc/THEPL-ARIN

    OrgAbuseHandle: ABUSE271-ARIN
    OrgAbuseName: The Planet Abuse
    OrgAbusePhone: +1-281-714-3560
    OrgAbuseEmail: abuse@theplanet.com
    OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE271-ARIN

    OrgTechHandle: TECHN33-ARIN
    OrgTechName: Technical Support
    OrgTechPhone: +1-214-782-7800
    OrgTechEmail: admins@theplanet.com
    OrgTechRef: http://whois.arin.net/rest/poc/TECHN33-ARIN

    RNOCHandle: THEPL-ARIN
    RNOCName: The Planet NOC
    RNOCPhone: +1-281-714-3555
    RNOCEmail: noc@theplanet.com
    RNOCRef: http://whois.arin.net/rest/poc/THEPL-ARIN

    RAbuseHandle: ABUSE271-ARIN
    RAbuseName: The Planet Abuse
    RAbusePhone: +1-281-714-3560
    RAbuseEmail: abuse@theplanet.com
    RAbuseRef: http://whois.arin.net/rest/poc/ABUSE271-ARIN

    RTechHandle: TECHN33-ARIN
    RTechName: Technical Support
    RTechPhone: +1-214-782-7800
    RTechEmail: admins@theplanet.com
    RTechRef: http://whois.arin.net/rest/poc/TECHN33-ARIN

    #
    # ARIN WHOIS data and services are subject to the Terms of Use
    # available at: https://www.arin.net/whois_tou.html
    #
  6. xXBludnmunyXx Tech Member

    EDIT: Arctos' post contains all info you'll need.

    If it happens again, you can report to these guys.
  7. sodapop554 Elite Member

    So in short they offer web hosting & the attack was initiated by one of their customers?
  8. sodapop554 Elite Member

    Do I have to wait for it to happen again to report the company?
  9. xXBludnmunyXx Tech Member

    My bad on the late reply. If you have the evidence, you don't need to wait to report. I just said that in case it was a false report.
  10. Hengis PCHF Manager

    It's likely to be a chat app on a website that you were using and as usual, I would advise you to worry less about these types of things.

    ...and this is why...
    One instance of a bad packet does not constitute a DOS.
  11. sodapop554 Elite Member

    By evidence do you mean if I had saved my router's log?
  12. sodapop554 Elite Member

    Well the only types of chat I use are on RuneScape with the in game chat, however my dad does play an online Poker Game on his own laptop that's through AOL or something I think. Although I'm not sure if they are in any way affiliated with ThePlanet.com. In short though you're saying that unless I get more than 1 logged attack from the same IP then it was likely a mistake?
  13. Crush Administrator & Security Team Leader

    Exactly. If it were truly a DoS attack you'd see hundreds.
  14. sodapop554 Elite Member

    Alright thanks, this can be closed now.
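
The replies above separate a single logged entry from the hundreds a real flood would produce. As an added example (not part of the original thread), this Python sketch parses entries in the format sodapop554 posted and labels each source IP; the function names, the 100-entries-per-hour threshold and the 203.0.113.7 sample entries are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

TS_FORMAT = "%A, %b %d,%Y %H:%M:%S"   # e.g. "Thursday, Jul 26,2012 04:30:57"
EVENT_RE = re.compile(
    r"\[DoS attack: (?P<kind>[^\]]+)\].*?from ip \[(?P<ip>[^\]]+)\]")

def parse_log(text):
    """Yield (timestamp, kind, source_ip); each entry follows its timestamp line."""
    last_ts = None
    for line in text.splitlines():
        line = line.strip()
        m = EVENT_RE.search(line)
        if m:
            if last_ts is not None:       # skip entries with no timestamp
                yield last_ts, m["kind"], m["ip"]
            continue
        try:
            last_ts = datetime.strptime(line, TS_FORMAT)
        except ValueError:
            pass                          # not a timestamp line

def classify(text, min_entries=100, window=timedelta(hours=1)):
    """Map source IP -> 'sustained' (>= min_entries inside any window) or 'isolated'.
    The threshold is an assumption, not a router-defined value."""
    by_ip = defaultdict(list)
    for ts, _kind, ip in parse_log(text):
        by_ip[ip].append(ts)
    verdict = {}
    for ip, stamps in by_ip.items():
        stamps.sort()
        start = peak = 0
        for end, ts in enumerate(stamps):  # sliding window over sorted times
            while ts - stamps[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        verdict[ip] = "sustained" if peak >= min_entries else "isolated"
    return verdict

def sample_log():
    """Constructed input: the thread's single entry plus 120 made-up entries."""
    entry = "[DoS attack: ACK Scan] attack packets in last 20 sec from ip [%s]"
    lines = ["Thursday, Jul 26,2012 04:30:57", entry % "184.172.165.210"]
    t0 = datetime(2012, 7, 26, 5, 0, 0)
    for i in range(120):
        lines.append((t0 + timedelta(seconds=20 * i)).strftime(TS_FORMAT))
        lines.append(entry % "203.0.113.7")
    return "\n".join(lines)

if __name__ == "__main__":
    print(classify(sample_log()))
```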
