Multiple DoS Attacks

Infinite

Infinite

Closed as requested
Local time
8:19 AM
Messages
958
Hi Guys, I have just had a look at my Router settings from 192.168.0.1 and it shows multiple DoS (Denial Of Service) Attacks from different IP's.

Code: 
[DoS attack]from source:41.232.151.64, destination source:192.168.0.2 LEN=131 TOS=0x00 PREC=0x00 TTL=111 ID=8169 PROTO=UDP SPT=50774 DPT=56669  - Fri, 2012-02-03 19:30:58
[DoS attack]from source:111.251.185.70, destination source:192.168.0.2 LEN=129 TOS=0x00 PREC=0x00 TTL=109 ID=17904 PROTO=UDP SPT=24580 DPT=56669  - Fri, 2012-02-03 19:30:59
[DoS attack]from source:111.251.185.70, destination source:192.168.0.2 LEN=129 TOS=0x00 PREC=0x00 TTL=109 ID=17926 PROTO=UDP SPT=24580 DPT=56669  - Fri, 2012-02-03 19:31:00
[DoS attack]from source:188.27.37.114, destination source:192.168.0.2 LEN=58 TOS=0x00 PREC=0x00 TTL=115 ID=5667 PROTO=UDP SPT=50803 DPT=56669  - Fri, 2012-02-03 19:31:00
[DoS attack]from source:188.244.45.231, destination source:192.168.0.2 LEN=58 TOS=0x00 PREC=0x00 TTL=111 ID=28604 PROTO=UDP SPT=1034 DPT=56669  - Fri, 2012-02-03 19:31:00
[DoS attack]from source:82.36.113.84, destination source:192.168.0.2 LEN=52 TOS=0x00 PREC=0x00 TTL=112 ID=5826 DF PROTO=TCP SPT:62778 DPT:56669 WINDOW=8192 RES=0x00 SYN URGP=0  - Fri, 2012-02-03 19:31:00
[DoS attack]from source:188.244.45.231, destination source:192.168.0.2 LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=28602 DF PROTO=TCP SPT:64002 DPT:56669 WINDOW=8192 RES=0x00 SYN URGP=0  - Fri, 2012-02-03 19:31:00
[DoS attack]from source:111.251.185.70, destination source:192.168.0.2 LEN=129 TOS=0x00 PREC=0x00 TTL=109 ID=17963 PROTO=UDP SPT=24580 DPT=56669  - Fri, 2012-02-03 19:31:00
[DoS attack]from source:188.237.80.47, destination source:192.168.0.2 LEN=134 TOS=0x00 PREC=0x00 TTL=109 ID=42179 PROTO=UDP SPT=10000 DPT=56669  - Fri, 2012-02-03 19:31:00
[DoS attack]from source:111.251.185.70, destination source:192.168.0.2 LEN=129 TOS=0x00 PREC=0x00 TTL=109 ID=18123 PROTO=UDP SPT=24580 DPT=56669  - Fri, 2012-02-03 19:31:00
[DoS attack]from source:92.114.190.144, destination source:192.168.0.2 LEN=134 TOS=0x00 PREC=0x00 TTL=110 ID=16273 PROTO=UDP SPT=59440 DPT=56669  - Fri, 2012-02-03 19:31:00
[DoS attack]from source:111.251.185.70, destination source:192.168.0.2 LEN=129 TOS=0x00 PREC=0x00 TTL=109 ID=18129 PROTO=UDP SPT=24580 DPT=56669  - Fri, 2012-02-03 19:31:00
[DoS attack]from source:111.251.185.70, destination source:192.168.0.2 LEN=129 TOS=0x00 PREC=0x00 TTL=109 ID=19140 PROTO=UDP SPT=24580 DPT=56669  - Fri, 2012-02-03 19:31:04

I do not have much experience with Routers/Networks, so I need help blocking these or removing them.

I have a NETGEAR DGN1000SP Router with Virgin Media 10MB/s Internet.

I have 1 Netbook, 2 PC's and a iPhone. But I only use 1 PC and my iPhone. My family uses the other 2 computers.

I have installed MSE, Malwarebytes, and Comodo Firewall on the Netbook and 1 PC. Have not done it to the other PC yet, and I don't really need to do anything to my iPhone.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Novatech iRush Pro
OS
Windows 7 Ultimate SP1 - 64 Bit
CPU
Intel Core i5 2500k
Motherboard
Foxconn H67M-S/H67M-V/H67
Memory
2x4GB DDR3 1333Hz
Graphics Card(s)
Ati Radeon 6770
Sound Card
None
Monitor(s) Displays
Samsung S22B150
Screen Resolution
1920x1080
Hard Drives
2x500GB
PSU
500W
Cooling
Fan
Keyboard
HP KU0316
Mouse
Wireless Logitech M185
Internet Speed
20MB/s
Antivirus
Avast Free
Browser
Google Chrome
Other Info
Logitech M185 Mouse
KU-M316 Keyboard
The first thing you need to do is contact your ISP as their servers may have been compromised.

Virgin Media should help and advise as to what you can do, but you may have to upgrade your hardware.

Have a look at this article, which describes the different ways these DoS attacks work and possible solutions to get them stopped.

How to Prevent Denial of Service Attacks : Learn-Networking.com

This Wiki article has loads of useful information too.

http://en.wikipedia.org/wiki/Denial-of-service_attack
 

My Computer

Computer Manufacturer/Model Number
HP Pavilion Elite 495UK
OS
Windows 7 Ultimate SP1 64-Bit
CPU
Intel Core i7 870 @ 2.93GHz
Motherboard
MSI 2A9C (CPU1)
Memory
8Gb Dual-Channel DDR3 @ 664MHz
Graphics Card(s)
nVidia GeForce GTX 460 1024MB dedicated RAM
Sound Card
Realtek HD Audio
Monitor(s) Displays
HP2310i
Screen Resolution
1920 x 1080
Hard Drives
1x1954GB Hitachi HDS22020ALA 330 (RAID), 1x1954GB Hitachi External for backup and storage
PSU
460W
Case
HP Elite
Cooling
Air cooled
Keyboard
Logitech K750 solar-powered keyboard
Mouse
Logitech Wireless M180 mouse
Internet Speed
2Mb
Other Info
Pure Avanti Flow Internet Radio with iPod Dock, 64Gb iPod, HP USB Speakers, Sony MDR-V500 Headphones, Sony Vaio F-Series Laptop
This is apparently not uncommon with Netgear routers. I suspect it is very common, but only Netgear routers are storing them as DOS attacks. They can be random port scans. I would think you will be protected by the NAT firewall in any case. I agree with seavixen32, ask your ISP about it, if they agree it is not an issue, I think you are ok. You could not prevent a DOS from your end anyway, that is a server/ISP issue. If they were being attacked, and their bandwidth compromised, they would be all over it. A Guy
 
Last edited:

My Computer

Computer type
PC/Desktop
OS
Windows 10 Home x64
CPU
INTEL Core i5-750 Quad-Core 3.37GHz
Motherboard
ASUS P7P55D
Memory
HyperX Fury Black Series 8GB (2 x 4GB) 1866Mhz
Graphics Card(s)
EVGA GeForce GTX 750 Superclocked 1GB 128-Bit GDDR5
Monitor(s) Displays
LG 32MA68HY 32" IPS
Screen Resolution
1920 x 1080
Hard Drives
Samsung 840 Evo 120GB, SEAGATE 500GB Barracuda® 7200.12, SATA 3 Gb/s, 7200 RPM, 16MB cache
PSU
ANTEC TruePower New TP-550, 80 PLUS, 550W
Case
ANTEC Three Hundred Illusion
Cooling
COOLER MASTER Hyper 212 Plus, 4 x 120mm 1 x 140mm Noctua's
Internet Speed
85 + Mbps
Antivirus
Avast
Browser
Vivaldi
Thanks for the help guys, I will contact my ISP as soon as I can.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Novatech iRush Pro
OS
Windows 7 Ultimate SP1 - 64 Bit
CPU
Intel Core i5 2500k
Motherboard
Foxconn H67M-S/H67M-V/H67
Memory
2x4GB DDR3 1333Hz
Graphics Card(s)
Ati Radeon 6770
Sound Card
None
Monitor(s) Displays
Samsung S22B150
Screen Resolution
1920x1080
Hard Drives
2x500GB
PSU
500W
Cooling
Fan
Keyboard
HP KU0316
Mouse
Wireless Logitech M185
Internet Speed
20MB/s
Antivirus
Avast Free
Browser
Google Chrome
Other Info
Logitech M185 Mouse
KU-M316 Keyboard
You're very welcome.

Do let us know what they say as it'll be interesting to know if they take it seriously.
 

My Computer

Computer Manufacturer/Model Number
HP Pavilion Elite 495UK
OS
Windows 7 Ultimate SP1 64-Bit
CPU
Intel Core i7 870 @ 2.93GHz
Motherboard
MSI 2A9C (CPU1)
Memory
8Gb Dual-Channel DDR3 @ 664MHz
Graphics Card(s)
nVidia GeForce GTX 460 1024MB dedicated RAM
Sound Card
Realtek HD Audio
Monitor(s) Displays
HP2310i
Screen Resolution
1920 x 1080
Hard Drives
1x1954GB Hitachi HDS22020ALA 330 (RAID), 1x1954GB Hitachi External for backup and storage
PSU
460W
Case
HP Elite
Cooling
Air cooled
Keyboard
Logitech K750 solar-powered keyboard
Mouse
Logitech Wireless M180 mouse
Internet Speed
2Mb
Other Info
Pure Avanti Flow Internet Radio with iPod Dock, 64Gb iPod, HP USB Speakers, Sony MDR-V500 Headphones, Sony Vaio F-Series Laptop
You must log in or register to reply here.

Similar threads

P
Can anyone with networking knowledge pls help
Replies
4
Views
6K
pauldawson21
P
soho1
Solved RT-N66U and Windows not playing well together recently
Replies
6
Views
6K
Total
T
L
Solved Multiple DDoS attacks prevention?
2
Replies
32
Views
14K
F5ing
F
O
Solved Windows 7 & Centos 7 Dual Boot Issues - Grub2 BOOTMGR missing message
Replies
12
Views
6K
Schrade
S
N
DDOS Attacks UDP files comeing in please take a look at this Combofix
Replies
14
Views
8K
McMalakai
M
Back
Top