How to know and combat being a DOS victim

What's the best way to setup a home network? Why should I care about BGP?

Re: How to know and combat being a DOS victim

Post by MidN8 on Wed Jul 30, 2014 3:24 pm
([msg=82576]see Re: How to know and combat being a DOS victim[/msg])

alright thanks for the replies
MidN8
New User
New User
 
Posts: 6
Joined: Wed Jul 03, 2013 1:10 pm
Blog: View Blog (0)


Re: How to know and combat being a DOS victim

Post by cyberdrain on Wed Jul 30, 2014 8:15 pm
([msg=82581]see Re: How to know and combat being a DOS victim[/msg])

-Ninjex- wrote:Well, firstly since you said it's coming from multiple IP adresses, that would define this as a DDOS attack, which is a lot harder to defend against than just a stand alone DOS attack.

It's all good advice, if only the attack came from outside the network. I've yet to see an internal DDOS attack.

MidN8 wrote:it is not being used , so either someone got access to my LAN and started using an IP address on the network and then left or .. i don't know

I'll say this: even systems that are not being used or those that are powered off can be made to do things. Though that's probably not the case here.

Also, if you found out what it was or have resolved the issue, we (or at the very least I) would be interested in the solution :)
Free your mind / Think clearly
I use the sarcasm color for both sarcasm and irony
User avatar
cyberdrain
Addict
Addict
 
Posts: 1520
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


Re: How to know and combat being a DOS victim

Post by tremor77 on Thu Jul 31, 2014 10:39 pm
([msg=82587]see Re: How to know and combat being a DOS victim[/msg])

Some types of attacks can make a request to the internal network, variations of udp broadcast requests, chargen, etc.. they could have tapped a machine or even a networked device (printer?) and got it to respond.. therefor making an internal device appear part of an attack. It's also possible IP was spoofed but I haven't seen successful IP spoofing done in a long time, I thought that ISP's pretty much housed those, unless your ISP sucks. I do still think, possible you're part of a botnet and don't know it.. did you do heuristic scans? Disconnect from the internet and see if those internals keep happening.
Image
User avatar
tremor77
Contributor
Contributor
 
Posts: 911
Joined: Wed Mar 31, 2010 12:00 pm
Location: New York
Blog: View Blog (0)


Previous

Return to Networking

Who is online

Users browsing this forum: No registered users and 0 guests