My network is being bombarded with failed connection attempts

Question

My G1100 router's security log shows that these attacks only began last December. That period doesn't coincide with any particular event. I have a VPN server and a media server running on my NAS since long before that. The two ports that I have open are forwarded to these servers.  I've now closed the two ports. I've also disabled UPnP, remote administration and port-triggering since. But these connection attempts just continue in droves.

A typical log line looks like this, but the source IP address and destination port for each entry varies, of course:

Jan 22 04:31:38 2022 local5.notice<173> ulogd[896]: Blocked IN=eth1 OUT= MAC=48:5d:36:48:65:6c:2e:21:72:63:c9:c2:08:00 src=13.226.36.152 DST=... LEN=76 TOS=00 PREC=0x00 TTL=233 ID=29779 PROTO=TCP SPT=443 DPT=63540 SEQ=1159098379 ACK=3866477492 WINDOW=425 ACK PSH URGP=0 MARK=0

People seem to think that these bots just trying to find vulnerability.

What possible vulnerabilities that are specific to the G1100 router should I be concerned about?

Any mitigation measure that I need to take?

gs0b · Accepted Answer

Thanks dslr595148 for quoting me.  That statement was an answer to a person who asked if there were any reasons not to use the free G3100 Verizon gave them.  It has nothing to do with any potential vulnerabilities on the G1100.

What this does mean is that Verizon takes full responsibility for keeping their routers (the G1100 and G3100) updated.  When/if vulnerabilities are discovered against these routers, Verizon will push firmware updates to resolve them.  The user does not have to do anything.

Compare this to non-Verizon routers that may allow the user to disable automatic updates or not support them at all.  In my opinion, automatic updates are a best practice for security.  If you disagree, then a Verizon router is not for you.

As to the OP's question, they can discover known G1100 vulnerabilities by searching the NVD at https://nvd.nist.gov/vuln/search

There are a few from 2019, but it's my understanding they have all been remediated and updated firmware pushed long ago.