Just an update on the hacking issue. I turned on AiProtection and no longer see hacking attempts. I cleared the log a couple of days ago and only see normal NTP activity.
This supposed hacking thing was very strange. There appears to be no logic behind what happened. I'm seriously questioning if they were legitimate hacking attempts, rather than the router doing something strange related to my firmware update problem.
You are correct ! It was the ID change. All ok now. Thanks. One more issue that I noticed. I found some items on the system log that was posted in 2013 and 2014 ! This is a brand new Router ( I think ). Are the postings in the log, factory tests ?? No IP or anything that I can trace. This is troubling.
I had the same issue in my log, with entries that went back a long time. Even clearing the log didn't seem to get rid of them. They eventually disappeared, although I don't know why. It may have had something to do with me resetting NVRAM when I was having trouble installing the latest firmware.
Does the router have a real-time clock like a computer?
If it doesn't (which would be my expectation), then it will do what, say, Rogers cable modems do, and start up with a 'generic' time (which could be in 2013/2014) until it gets more accurate time from the network.
If you look at cable modem logs with, say, the Cisco DPC3825, you'll see the same thing if you power cycle it when it can't reach the Rogers side and get its time information.
NTP activity ensures that the router's time is accurate and it updates every hour on the hour. You can clear, save, or refresh the log.