FRITZ!Box 7360 Service - Knowledge Base
Firewall reports attacks on TCP port 80 or 14013 or unsolicited packets of type 0x88e1
This guide deals with the following issues:
- A firewall on a computer in the FRITZ!Box home network reports regular attacks ("Syn Flood", "Denial of Service (DoS)") on TCP port 80 and/or 14013.
- Every five seconds a firewall or an application for analyzing network connections (for example Wireshark) reports packets of type 0x88e1 (EtherType).
1 Connections do not pose a security threat
The incoming connections do not originate from the Internet. Instead, they originate from the FRITZ!Box and do not pose a security threat.
- TCP Port 80:
The FRITZ!Box uses TCP port 80 to check regularly whether network devices (for example computers, smartphones, game consoles) in the FRITZ!Box home network offer web services accessible over HTTP, such as a user interface. The web services of these network devices can be accessed directly under "Home Network > Home Network Overview" in the FRITZ!Box user interface.
- TCP Port 14013:
When parental controls are enabled, the FRITZ!Box uses TCP port 14013 to check regularly which Windows user is logged on at the computer. These connections are necessary so that the FRITZ!Box's parental controls function can restrict Internet access for specific Windows users.
- Type 0x88e1:
The FRITZ!Box uses packets of EtherType 0x88e1 to check regularly whether any FRITZ!Powerline adapters are present in the network. Any FRITZ!Powerline adapters it finds are displayed in the FRITZ!Box user interface under "Home Network > Home Network Overview".
Note:If you do not want to receive these messages, configure the network device's firewall so that it allows incoming connections to TCP port 80 and 14013 or packets of type 0x88e1. You can find information on configuring the firewall in its manual, or consult its manufacturer directly.