Router receiving internet traffic but no client is requesting it

Misterer · Mar 10, 2020

I'v been using my old Asus RT-N18U router for probably more than 3 years and had no problems with it but today I noticed some weird behaviour. It's receiving internet traffic which is not being requested by any of the connected clients.

Anyone could explain why this is happening and how to check the ips the traffic is coming from? The router GUI has some tools like netstat, but they aren't showing anything special (192.168.1.39 is "me"):

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:5473 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:18017 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:3394 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0

rinter 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:1990 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:laserjet 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:9998 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:www 0.0.0.0:* LISTEN
tcp 0 0 localhost.localdomain:domain 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:domain 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:3838 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:56799 0.0.0.0:* LISTEN
tcp 0 0 router.asus.com:www 192.168.1.39:58123 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58180 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58193 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58179 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58163 TIME_WAIT
tcp 0 9733 router.asus.com:www 192.168.1.39:58203 FIN_WAIT1
tcp 0 0 router.asus.com:www 192.168.1.39:58140 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58111 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58181 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58104 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58157 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58128 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58135 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58202 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58126 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58112 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58124 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58109 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58170 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58106 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58141 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58134 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58155 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58162 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58182 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58125 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58186 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58103 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58121 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58204 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58172 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58198 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58148 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58158 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58119 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58105 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58169 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58208 FIN_WAIT2
tcp 0 0 router.asus.com:www 192.168.1.39:58171 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58102 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58206 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58130 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58195 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58176 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58147 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58145 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58175 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58127 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58167 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58196 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58113 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58120 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58156 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58117 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58161 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58110 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58139 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58190 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58108 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58107 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58136 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58115 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58101 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58144 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58122 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58178 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58177 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58174 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58200 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58146 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58165 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58154 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58150 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58187 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58173 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58192 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58183 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58199 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58191 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58138 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58100 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58197 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58142 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58132 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58118 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58116 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58168 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58164 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58189 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58160 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58184 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58166 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58151 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58133 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58159 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58201 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58194 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58131 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58207 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58137 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58188 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58129 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58205 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58114 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58152 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58185 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58209 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58149 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58153 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58143 TIME_WAIT
tcp 0 0 router.asus.com:www 192.168.1.39:58143 TIME_WAIT
udp 0 0 0.0.0.0:9999 0.0.0.0:*
udp 0 0 0.0.0.0:42000 0.0.0.0:*
udp 0 0 localhost.localdomain:42032 0.0.0.0:*
udp 0 0 localhost.localdomain:40500 0.0.0.0:*
udp 0 0 localhost.localdomain:domain 0.0.0.0:*
udp 0 0 router.asus.com:domain 0.0.0.0:*
udp 0 0 0.0.0.0:bootps 0.0.0.0:*
udp 0 0 0.0.0.0:5474 0.0.0.0:*
udp 0 0 0.0.0.0:18018 0.0.0.0:*
udp 0 0 0.0.0.0:upnp 0.0.0.0:*
udp 0 0 0.0.0.0:upnp 0.0.0.0:*
udp 0 0 0.0.0.0:38000 0.0.0.0:*
udp 0 0 0.0.0.0:37000 0.0.0.0:*
udp 0 0 localhost.localdomain:38032 0.0.0.0:*
udp 0 0 router.asus.com:56229 0.0.0.0:*
udp 0 0 0.0.0.0:44979 0.0.0.0:*
udp 0 0 localhost.localdomain:37064 0.0.0.0:*
udp 0 0 router.asus.com:5351 0.0.0.0:*
udp 0 0 0.0.0.0:5353 0.0.0.0:*
udp 0 0 0.0.0.0:43000 0.0.0.0:*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 5 [ ] DGRAM 265 /dev/log
unix 2 [ ACC ] STREAM LISTENING 881 /var/run/avahi-daemon/socket
unix 2 [ ] DGRAM 2207
unix 2 [ ] DGRAM 772
unix 2 [ ] DGRAM 268

Here are the screenshots of the traffic monitor:

cyclone3d · Mar 11, 2020

Hillary or the Chinese or the Russians are trying to hack you most likely.

To make this more clear since I got an "off-topic" warning.

I have seen stuff like this in the past and, when I looked into it, it was traffic trying to get through from different Chinese IP addresses.

Nicklebon · Mar 11, 2020

You're on a public network so there will always be some amount of traffic. It will include everything from broadcast traffic from your ISP and neighbours, think arp, port scans from script kiddies, late arriving packets and other such errata. If you really want to know what it is put a switch in between your router and bridge, set up a port span and sniff it with wireshark. Otherwise welcome to the internet.

Jake · Mar 13, 2020

Recieving internet traffic? router.asus.com is your router management page, it is most likely intercepting DNS or just displaying the host name instead of the IP.

netstat -n won't resolve names or services

Tapper · Mar 13, 2020

I would upgrade that router mate. I would get something that runs OpenWrt.

Router receiving internet traffic but no client is requesting it

Misterer

n00b

cyclone3d

Fully [H]

Nicklebon

Gawd

Jake

Supreme [H]ardness

Tapper

n00b