Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: DDoS Attack, Changed IPs Still Under Attack


14 Jun 2013   #1

Windows 7 Home Premium 64bit
 
 
DDoS Attack, Changed IPs Still Under Attack

I'm being DDoS attacked. My ping was been spiking from 50 to 250+. I've tried changing my IP multiple times and I still was attacked (Note: I own 3 computers and 1 tablet). I've tried disabling startup processes, av scans, and basic rootkit scans and found nothing. However, after I uninstalled Akamai Net Session Downloader, FlashGet, and Tornado Force 2 (a chinese version of the game "Soldier Front 2"), it seems as though the attacks stopped. I'm not sure if they will come back or of something is infected but I'd appreciate some help to make sure everything is fine and not infected. EDIT: I'm still seeing these attacks pop up in the logs

This is what my NETGEAR Router was showing in the logs:

[admin login] from source 192.168.0.3, Friday, June 14,2013 18:25:12
[DoS attack: ACK Scan] from source: 208.47.185.65:80, Friday, June 14,2013 18:24:12
[DoS attack: ACK Scan] from source: 69.168.106.22:80, Friday, June 14,2013 18:22:58
[DoS attack: RST Scan] from source: 50.17.180.125:80, Friday, June 14,2013 18:11:49
[DoS attack: ACK Scan] from source: 208.47.185.65:80, Friday, June 14,2013 18:09:37
[DoS attack: ACK Scan] from source: 208.47.185.65:80, Friday, June 14,2013 18:09:11
[DoS attack: ACK Scan] from source: 69.168.106.22:80, Friday, June 14,2013 18:08:00
[DHCP IP: (192.168.0.4)] to MAC address 00:26:2D:3A:44:7D, Friday, June 14,2013 18:01:50
[DoS attack: ACK Scan] from source: 208.47.185.65:80, Friday, June 14,2013 17:55:51
[DoS attack: ACK Scan] from source: 208.47.185.65:80, Friday, June 14,2013 17:55:27
[DoS attack: ACK Scan] from source: 69.168.106.22:80, Friday, June 14,2013 17:54:19
[DoS attack: ACK Scan] from source: 208.47.184.200:80, Friday, June 14,2013 17:53:48
[DoS attack: RST Scan] from source: 50.17.180.125:80, Friday, June 14,2013 17:47:42
[DoS attack: ACK Scan] from source: 208.47.185.65:80, Friday, June 14,2013 17:44:46
[DHCP IP: (192.168.0.3)] to MAC address E0:46:9A:A5:580, Friday, June 14,2013 17:40:49
[Time synchronized with NTP server time-g.netgear.com] Friday, June 14,2013 17:40:12
[Internet connected] IP address: 184.1.219.253, Friday, June 14,2013 17:39:37
[Internet disconnected] Friday, June 14,2013 17:39:29
[DoS attack: RST Scan] from source: 206.190.57.61:443, Friday, June 14,2013 17:39:23


My System SpecsSystem Spec
.

14 Jun 2013   #2
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Do you own a Domain Name/Website?
My System SpecsSystem Spec
15 Jun 2013   #3

Windows 7 Home Premium 64bit
 
 

Quote   Quote: Originally Posted by Jacee View Post
Do you own a Domain Name/Website?
No.

The attacks are starting up again...
My System SpecsSystem Spec
.


15 Jun 2013   #4
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Are you connecting to the net with a proxy server?
My System SpecsSystem Spec
15 Jun 2013   #5

Windows 7 Home Premium
 
 

Nitsua,

It may be best to ask your question in the Network & Sharing - Windows 7 Help Forums

Looks as if you are getting port scanned. It is nothing to be afraid of, but, I am not an expert at anything.

The router is blocking the traffic that your ISP did not. It appears the router is doing its job blocking the attack and making note of it in the log.
My System SpecsSystem Spec
15 Jun 2013   #6

Windows 7 Home Premium 64bit
 
 

Quote   Quote: Originally Posted by Jacee View Post
Are you connecting to the net with a proxy server?
No, I don't believe so.
My System SpecsSystem Spec
15 Jun 2013   #7

Windows 7 Home Premium 64bit
 
 

Quote   Quote: Originally Posted by Jacee View Post
Do you own a Domain Name/Website?
The only thing I could think of is my RaidCall group...I guess I "own" it but it's free. I'm not sure how RaidCall servers/groups work. I just wish I could remove this lag...it's very irritating. please help me!! or atleast lead me in the right direction
My System SpecsSystem Spec
15 Jun 2013   #8

Windows 7 Home Premium
 
 

Quote:
...lead me in the right direction
Read the first line of Post #5.
My System SpecsSystem Spec
16 Jun 2013   #9

Windows 7 Home Premium 64bit
 
 

Quote   Quote: Originally Posted by cottonball View Post
Quote:
...lead me in the right direction
Read the first line of Post #5.
Well, I made a thread there and someone deleted it. I'm assuming that's because I already have this thread. There is another person here helping me...or at least from the sounds of it.
My System SpecsSystem Spec
16 Jun 2013   #10
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Download DDS from one of these links:
DDS.com
DDS.pif
  • Disable any script blocking protection
  • Double click the dds icon to run the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt <--- will be minimized in the task tray
  • Save both reports to your desktop.
Include the contents of both logs in your next post.
My System SpecsSystem Spec
Reply

 DDoS Attack, Changed IPs Still Under Attack




Thread Tools



Similar help and support threads for2: DDoS Attack, Changed IPs Still Under Attack
Thread Forum
BF3 under attack Gaming
Solved Am I under attack? System Security
Help Want Ask about DDoS Attack Characteristic at Windows 7 System Security
MAC Attack System Security
New SSL attack. Security News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 09:24 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33