Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

DDOS Protection For The Home User?


  • Please log in to reply
7 replies to this topic

#1 auto1571

auto1571

  • Members
  • 296 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 26 October 2013 - 01:43 PM

DDOS Protection For The Home User and Skype Safety?

 

Hi guys, well I was wondering if you had any additional tips in regards to preventing being dossed while online. I understand that there are some good firewalls out there that will help you from this too. But I was wandering about any additional stuff like VPN's etc?

 

Furthermore upon searching I discovered that Skype is recently becoming a popular target for attackers. And so I was wondering what other steps you would recommend in regards to securing a Skype account and staying safe while chatting.

 

I personally think that having a good VPN and Firewall should help with this or possibly just a good firewall. But not too sure.

 

So what are your views guys?

 

 

Thanks.



BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,128 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:04 PM

Posted 26 October 2013 - 10:06 PM

Not sure if you understand DDOS/DOS attacks so here are some good resources to review.
What is Distributed Denial-of-Service Attacks (DDOS)
What is Denial-of-Service Attacks (DOS)
Understanding Denial-of-Service Attacks (DOS)
5 Tips for Fighting DDoS Attacks
How Zombie Computers Work: Distributed Denial of Service Attacks
Distributed Denial-of-Service Attacks and You

Skype Security: What you can do to stay safe
How to Use Skype Safely: 11 Steps
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 cloudcom

cloudcom

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Zurich, Switzerland
  • Local time:12:04 AM

Posted 27 October 2013 - 04:34 PM

No worries, the DDoS attacks are usually done against larger network units, such as Dedicated Servers or Firewalls.

 

Attacking the host is simply useless, because you can just update your IP address - every home IP address is dynamical (which means it changes automatically over time, or every time you reconnect your router).

 

We offer DDoS Protected Dedicated Servers and DDoS Protection services and sometimes we get a wave of questions from home users like you are.

It's also possible that all these "ddos attacks" are simply the trojan viruses that make the victim think that he is under DDoS attack and to offer purchase some software etc.

 

Simply use your Antivirus and Firewall and avoid such problems with any kind of threat.



#4 auto1571

auto1571
  • Topic Starter

  • Members
  • 296 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 27 October 2013 - 05:03 PM

Thanks to both of you for the replies. I have bookmarked this for reference.



#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,128 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:04 PM

Posted 27 October 2013 - 06:03 PM

You're welcome on behalf of the Bleeping Computer community.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 Harmeet

Harmeet

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 11 February 2014 - 04:51 PM

There are many companies providing ddos protection for the website data. check the website http://www.blockdos.net

Blockdos provides different DDOS Mitigation services . 

 

Kindly browse the website for more information on DDOS PROTECTION different packages available.

 

- Harmeet

 

 

 

 

 



#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,128 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:04 PM

Posted 11 February 2014 - 05:14 PM

BlockDoS provides effective global DDoS mitigation service to small to large enterprises and large data centers in various sectors at a cost...it's not something for the home user.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 androbourne

androbourne

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 14 June 2016 - 02:37 PM

No worries, the DDoS attacks are usually done against larger network units, such as Dedicated Servers or Firewalls.

 

Attacking the host is simply useless, because you can just update your IP address - every home IP address is dynamical (which means it changes automatically over time, or every time you reconnect your router).

 

We offer DDoS Protected Dedicated Servers and DDoS Protection services and sometimes we get a wave of questions from home users like you are.

It's also possible that all these "ddos attacks" are simply the trojan viruses that make the victim think that he is under DDoS attack and to offer purchase some software etc.

 

Simply use your Antivirus and Firewall and avoid such problems with any kind of threat.

 

I signed up on these forums to reply to this post! ha

 

He is totally correct, and I'm actually undergoing the same thing from a DDOS Bot attack on my network.

 

I run a wordpress server from home and the bot is attempting to find weak spots in my wordpress while also DDOSing my network. (although totally failing to do so since I run a business grade Sonicwall firewall at my home and was able to block the ip/network). I ended up tracking it down to Cloudflare company that happens to provide "DDOS Protection Services". So yes, companies often perform real and/or fake DDOS attacks in attempts to get customers... it's sad but guess what... It also opens them but to being DDOS'ed themselves (as now I know their originating IP address) : ) although, I will not confirm or deny that, that's exactly what I'm doing do them as I'm writing this....

 

Here is just a small part of the hoops us administrators need jump through just to take just to narrow down the original spamming network. From their you better hope you have a good firewall where you can block the IP yourself or call your ISP in hopes they can block it for you on the modem or node side.

 

I was being attacked by 191.96.249.54 & 191.96.249.53 which can be seen in my firewall logs, like such.

[DoS Attack: SYN Flood] from source: 191.96.249.54, port 57962, Tuesday, June 14, 2016 10:56:20
[DoS Attack: SYN Flood] from source: 191.96.249.53, port 32964, Tuesday, June 14, 2016 10:56:20
 
And just continues through all the major ports and then some, when I spun up my wordpress site I used "live monitor" in wordfrence (wordpress firewall) and saw those IP's trying to access mydomain.com/XML-RPC.php which is commonly used in attempts to brute force wordpress sites.
 
I did a whois on 191.96.249.54 and while he was using a DNS masking service, the contact email was "abuse@dmzhost.co" and obviously seeing the .CO address. I googled DMZHOST.CO and ended up at his website.
 
You can tell the website is fake as their is no phone numbers or addresses labeled on the site and also there are tons of page redirects going to the same "support" page. Clicking on "contact" or "tickets" etc... keeps redirecting to the same "support" page. A professional company doesn't function like this.
 
So in efforts to continue tracking down the root network of the attacks. I performed a traceroute and ping to dmzhost.co and can you guess where that goes? Yeah that's right, it resolves to 104.27.183.222 which according to whois goes straight to Cloudflare... which I verified after going to their site and again running more traceroutes, ping checks and whois look ups.
 
I attempted to call Cloudflare posing an interested client. If you call their tech support number on option 3, the call either randomly drops, or you receive a recorded message saying to go to their website to submit a ticket. If you call the line and do option 4 to report abuse, it again pulls up a recorded message stating to send an email to abuse@ etc... Dailed option 1 to go to sales, who didn't even introduce the company professionally and simply stated "this is joe, what can I do you for?".
 
In the end, its either a client of theirs being hosted by Cloudflare services who is pushing out the DDOS attacks (which would be sad as hell since they advertise DDOS protection services on their website and can't even stop their own clients from DDOSing????) or Cloudflare themselves in attempts to get business. Which I believe is the case here.
 
So that gives you a little insight into what we network engineers (such as myself) deal with on a daily in the business world. The only real advise I, or anyone could give you is to get a good firewall (not consumer grade, but rather business grade such as a Watchguard, Sonicwall, Cisco etc...), rotate your IP's on a normal bases (weekly/monthly for dynamic ip\home users) and work with your ISP to block them as you see them come in if possible.

The very best advise I could give you, is to get a good firewall and not host services from your house. You can easily get hosted server rentals for gaming or websites for very cheap nowadays, and they will handle all the attacks/maintenance stuff for you. I know it's not something you want to hear but honestly there is only attack risk mitigation, there is no way to totally protect yourself against it.

Edited by androbourne, 14 June 2016 - 02:41 PM.





1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users