Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

DOS Attacks-Needs advise


  • Please log in to reply
2 replies to this topic

#1 mrt29

mrt29

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:10:43 AM

Posted 03 September 2017 - 01:55 PM

Hello All,

I have keep getting internet drop more than 3 months. Was before not really bad. Last 3 weeks ago I contact with the ISP get it technician check the cable connection and internet speed can't find any problem.After phone conversation get it hard reset the modem than 3 week actually really good. I believe after dos attacks internet is drop mostly wifi. Can you please take a look router logs. Source IP is not my IP.

Description Count Last Occurrence Target Source [DoS attack: Teardrop or derivative] from 193.1.198.96, port 0 1 Sun Sep 03 13:21:48 2017 252.206.240.153:0 193.1.198.96:0 [DoS attack: Illegal Fragments] from 193.1.198.96, port 0 2 Sun Sep 03 13:21:48 2017 252.206.240.153:0 193.1.198.96:0 [DoS attack: Ping Of Death] from 193.1.198.96, port 0 10 Sun Sep 03 13:21:48 2017 252.206.240.153:0 193.1.198.96:0 [admin login] from source 192.168.0.11 1 Sun Sep 03 13:20:25 2017 0.0.0.0:0 192.168.0.11:0 [DoS attack: Illegal Fragments] from 193.1.198.96, port 0 1 Sun Sep 03 13:20:23 2017 252.206.240.153:0 193.1.198.96:0 [DoS attack: Teardrop or derivative] from 193.1.198.96, port 0 1 Sun Sep 03 13:20:23 2017 252.206.240.153:0 193.1.198.96:0 [DoS attack: Ping Of Death] from 193.1.198.96, port 0 1 Sun Sep 03 13:20:23 2017 252.206.240.153:0 193.1.198.96:0 [DoS attack: Teardrop or derivative] from 193.1.198.96, port 0 2 Sun Sep 03 13:20:23 2017 252.206.240.153:0 193.1.198.96:0 [DoS attack: Ping Of Death] from 193.1.198.96, port 0 1 Sun Sep 03 13:20:23 2017 252.206.240.153:0 193.1.198.96:0 [DoS attack: Illegal Fragments] from 193.1.198.96, port 0 1 Sun Sep 03 13:20:22 2017 252.206.240.153:0 193.1.198.96:0 [DoS attack: Teardrop or derivative] from 193.1.198.96, port 0 1 Sun Sep 03 13:20:22 2017 252.206.240.153:0 193.1.198.96:0 [DoS attack: Ping Of Death] from 193.1.198.96, port 0 2 Sun Sep 03 13:20:22 2017 252.206.240.153:0 193.1.198.96:0 [DoS attack: Teardrop or derivative] from 193.1.198.96, port 0 3 Sun Sep 03 13:20:20 2017 252.206.240.153:0 193.1.198.96:0 [ login failure] from source 192.168.0.11 1 Sun Sep 03 13:20:15 2017 0.0.0.0:0 192.168.0.11:0 [DoS attack: Illegal Fragments] from 193.1.198.96, port 0 1 Sun Sep 03 13:20:02 2017 252.206.240.153:0 193.1.198.96:0 [DoS attack: Teardrop or derivative] from 193.1.198.96, port 0 1 Sun Sep 03 13:20:02 2017 252.206.240.153:0 193.1.198.96:0 [DoS attack: Ping Of Death] from 193.1.198.96, port 0 1 Sun Sep 03 13:20:01 2017 252.206.240.153:0 193.1.198.96:0

 

Target IP is invalid. When is the this Invalid IP start internet is down! When is target IP different internet most likely ok.

 

Can you please give more idea what should I do might be talking to ISP again or some protection? 



BC AdBot (Login to Remove)

 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,688 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:09:43 AM

Posted 03 September 2017 - 04:19 PM

DDoS attacks originate from multiple sources.  Maybe its a port scan?  Router firewalls can be overzealous also. Do you have your routers firewall in its default setting? Any file sharing or gaming going on, connection attempts can continue to hit the router after you stop.

 


How Can I Reduce My Risk to Malware?


#3 mrt29

mrt29
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:10:43 AM

Posted 03 September 2017 - 04:28 PM

All router settings changed and not any file share or gaming. %99 logs base on same IP information everyday every time.(Modem: Netgear C7000)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users