Go Back   Computer Forums > General Computing > Cyber Safety and Computer Security
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 07-11-2006, 10:28 PM   #1
Solid State Member
 
Join Date: Jul 2006
Posts: 18
Default My home network being DDos'd?

Alright, I was having internet troubles so i figure check out the router cause Comcast claims on their life that its not them (and they've been out here already once and fixed one problem, then fixed the actual problem from their end) so i know they are legit. I check the router and in the log i see this:

PHP Code:
Firewall log:
Tue Jul 11 20:46:42 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:46:43 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:46:43 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:46:47 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:46:47 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:46:50 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:46:53 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:12 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:12 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:16 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:17 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:23 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:25 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:26 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:26 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:26 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:26 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:27 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:36 2006 Blocked by DoS protection 204.16.208.102
Tue Jul 11 20
:47:39 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:40 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:40 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:43 2006 Blocked by DoS protection 130.69.215.69
Tue Jul 11 20
:47:50 2006 Blocked by DoS protection 61.53.79.163
Tue Jul 11 20
:47:51 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:51 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:55 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:47:58 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:00 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:01 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:03 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:07 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:10 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:10 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:10 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:15 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:15 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:18 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:29 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:34 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:40 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:40 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:40 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:44 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:44 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:47 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:53 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:57 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:48:57 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:03 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:07 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:09 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:09 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:10 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:14 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:15 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:22 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:24 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:24 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:25 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:26 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:27 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:31 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:31 2006 Blocked by DoS protection 45.67.179.12
Tue Jul 11 20
:49:31 2006 Blocked by DoS protection 45.67.179.12
Tue Jul 11 20
:49:31 2006 Blocked by DoS protection 45.67.179.12
Tue Jul 11 20
:49:31 2006 Blocked by DoS protection 45.67.179.12
Tue Jul 11 20
:49:31 2006 Blocked by DoS protection 45.67.179.12
Tue Jul 11 20
:49:35 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:35 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:37 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:37 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:38 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:38 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:38 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:44 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:49:44 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:50:03 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:50:10 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:50:10 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:50:28 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:50:28 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:50:29 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:50:35 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:50:37 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:50:41 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:50:41 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:50:49 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:50:49 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:50:52 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:50:52 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:51:07 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:51:07 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:51:11 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:51:11 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:51:14 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:51:21 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:51:21 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:51:21 2006 Blocked by DoS protection 10.176.156.1
Tue Jul 11 20
:51:24 2006 Blocked by DoS protection 10.176.156.1 
So i am all like wtf m8? but really. I have to restart my modem to get the issue to go away, then like 10 minutes later it comes back. All the times on there are hh:mm:ss, and they are up to date on the minute. Anybody have any idea whats up? cause 10.0.0.1 is some special ip thing or whatnot, is 10.176.156.1 the same? But there are other IP's scattered in here and there, so is this like an organized attack, or am i just flipping out for the wrong reasons? I notice that when i reboot the modem, the attacks stop for a couple minutes, and the conection speed is at like 7 mpbs, but when they start again, the speed plummets. I am currently on the line with LInksys, to which no avail. Their lovely babelfish using tech supports responds with:

PHP Code:
LinksysYesIt mean somebody has tried hack your router.
LinksysBut the router has stopped it from being attacked
So i know they can read log files correctly, but that didnt help any. Any ideas on what is to be done or what i can possibly do, or if i need to contact somebody authoritative then who and what do i say?
__________________

d00by is offline   Reply With Quote
Old 07-11-2006, 10:46 PM   #2
Golden Master
 
ArrizX's Avatar
 
Join Date: Apr 2005
Posts: 16,073
Send a message via MSN to ArrizX
Default Re: My home network being DDos'd?

Someone is useing wireless to access your router. I had the same problem with my Dlink and my moms laptop. Everytime it got on the internet, my compturs firewall freaked out.

Someone externally is accessing your router, I think. Try slapping on a network code and see what happens after that.
__________________

__________________
. ()()()()
./l ,[_\_\ ],
l---L ()lllllll()-
()_) ()_)--o-)_)
ArrizX is offline   Reply With Quote
Old 07-11-2006, 10:51 PM   #3
Solid State Member
 
Join Date: Jul 2006
Posts: 18
Default Re: My home network being DDos'd?

ive got wep? Should i change encryption key?
d00by is offline   Reply With Quote
Old 07-12-2006, 09:20 PM   #4
Daemon Poster
 
mayorredbeard's Avatar
 
Join Date: Nov 2004
Posts: 1,246
Default Re: My home network being DDos'd?

Quote:
Originally Posted by d00by
ive got wep? Should i change encryption key?
Change the encryption key and add MAC address filtering. Contact the manufacturer of your router and ask them how to do that if you don't know how to. This will add another layer of security, making it harder for anyone to access your wirless network.


EDIT: Well that log just means their trying to, it doesnt mean they have accessed it. Someone can always try to access your wireless network and get blocked, i dont see how someone getting blocked from connecting to your router could effect your computers peformance. What problem exactly is it causing? Is your firewall freaking out? Is it preventing you from accessing the internet? My best advice is to trace the ip. I'll try and trace them for you, possibly find out their ISP and report them.





IP TRACES
Ive traced some of the IP's, i'll let you decide what your going to do about it

Network Contact Information: The following details refer to the network that the system is on.

10.176.156.1
Internet Assigned Numbers Authority
+1-310-301-5820
4676 Admiralty Way, Suite 330 Marina del Rey CA 90292-6695 US

204.16.208.102
FAST COLOCATION SERVICES
abusedept@fastcolocation.net
+1-703-637-6336
3791 N. Edgewater Dr Wasilla AK 99654 US

130.69.215.69
Tokyo, Japan

45.67.179.12
Interop Show Network
795 Folsom St Lvl 6 San Francisco CA 94107 US


Now obviously someone from Tokyo Japan isn't trying to access your router, but if any of those locations are close enough to you i'd follow through on it. Hope this helps
__________________
Karma/rep is always appreciated
01010010011001010110010001100010011001010110000101 11001001100100
010011110111010101110100

There are only 10 kinds of people in this world. Those who can read binary, and those who can't.
mayorredbeard is offline   Reply With Quote
Old 07-12-2006, 10:37 PM   #5
Solid State Member
 
Join Date: Jul 2006
Posts: 18
Default Re: My home network being DDos'd?

i have read that 10.0.0.0 through 10.255.255.255 are non routable network addresses over the net and that they are usually internal addresses... Does this make any sense?
d00by is offline   Reply With Quote
Old 07-13-2006, 03:47 AM   #6
Daemon Poster
 
RewtGuy's Avatar
 
Join Date: Dec 2004
Posts: 595
Send a message via AIM to RewtGuy
Default Re: My home network being DDos'd?

there's no question about am i getting dossed, YOU KNOW IT. a few settings on a firewall isn't going to stop a botnet either...

i think the 10 something has to do something with your isp's network. either someone inside it, or your isp itself.

now the colocation you might be getting dossed from, if you're experiencing downtime / horrible lag i'd contact em and tell em your situation.

these aren't wireless...

contact your isp about the ip address w/ the 10, the rest are probabaly just random bots scanning ip ranges... nothing to worry about, everyone gets those...
__________________
Windows: A thirty-two bit extension and GUI shell to a sixteen bit patch to an eight bit operating system originally coded for a four bit microprocessor and sold by a two-bit company that can't stand one bit of competition.
RewtGuy is offline   Reply With Quote
Old 07-14-2006, 05:09 PM   #7
Solid State Member
 
Join Date: Jul 2006
Posts: 18
Default Re: My home network being DDos'd?

I dont know whats up. I upgraded my Router's firmware and the attacks just disappear. The speed is back up to 3-4 mbps at 4-5 pm so I dont know. Beats me, i am assuming its the crappy linksys router just being stupid.
d00by is offline   Reply With Quote
Old 07-16-2006, 10:20 PM   #8
Daemon Poster
 
RewtGuy's Avatar
 
Join Date: Dec 2004
Posts: 595
Send a message via AIM to RewtGuy
Default Re: My home network being DDos'd?

could be someone scanning for older firmware w/ exploits, and now you upgrade you don't show up no more.
__________________
Windows: A thirty-two bit extension and GUI shell to a sixteen bit patch to an eight bit operating system originally coded for a four bit microprocessor and sold by a two-bit company that can't stand one bit of competition.
RewtGuy is offline   Reply With Quote
Old 07-17-2006, 12:25 AM   #9
Golden Master
 
DJ-CHRIS's Avatar
 
Join Date: Apr 2006
Posts: 5,203
Send a message via AIM to DJ-CHRIS Send a message via MSN to DJ-CHRIS Send a message via Yahoo to DJ-CHRIS
Default Re: My home network being DDos'd?

With an IP address like that, it would leave me to believe that it's the ISP's equipment.

I havnt thought about this much, but it's probolly because you have WAN ping turned off and the ISP's DHCP server is getting pissy about you not responding.
__________________

DJ-CHRIS is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 05:19 AM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0