Elite.Pete Posted September 27, 2005 CID Share Posted September 27, 2005 so i wake up this morning none of my pcs will get on the internet i call comcast, i reboot the network nothing works then one pc comes back online i look at the netstat i have connections on a million ports from a million different websites and ip's... my other pc wont get on the internet says limited or no connectivity i cant even access the router page from it what is going on ..... ive scanned for viruses on both pcs... none Link to comment Share on other sites More sharing options...
resopalrabotnick Posted September 27, 2005 CID Share Posted September 27, 2005 sounds like you've been p2p'ing too much and caught yourself a whopper of a trojan. congrats! disconnect from the internet, scan for trojans and other baddies. Link to comment Share on other sites More sharing options...
netmasta Posted September 27, 2005 CID Share Posted September 27, 2005 Sounds like an attack of some sort. Have you check your router's logs? Link to comment Share on other sites More sharing options...
tennesseeme Posted September 27, 2005 CID Share Posted September 27, 2005 get access to a linux machine and nmap you network, you probably have a LOT of aarpi traffic, and a sick trojan or botnet. wow, reformat time for you! Link to comment Share on other sites More sharing options...
Swimmer Posted September 27, 2005 CID Share Posted September 27, 2005 To get your computers back.. boot save mode with networking, unplug the internet.. check the router logs to see if there was anything abnormal... Then begin the cleaning process.. Just make sure that when you are in safe mode with networking your internet is not running into the router..otherwise you are just asking for more problems. Link to comment Share on other sites More sharing options...
tdawnaz Posted September 27, 2005 CID Share Posted September 27, 2005 what's "p2p'ing"???... sorry so stupid...but i've been meaning to ask this Link to comment Share on other sites More sharing options...
anox195 Posted September 27, 2005 CID Share Posted September 27, 2005 p2p = person 2 person, basically file sharing such as music or warez or stuff like that... thx anox...for the info Link to comment Share on other sites More sharing options...
Elite.Pete Posted September 27, 2005 Author CID Share Posted September 27, 2005 back online now. reformat + new surfboard5101 modem... hopefully im safe now Link to comment Share on other sites More sharing options...
Elite.Pete Posted September 27, 2005 Author CID Share Posted September 27, 2005 was hoping no to reformat my other pc but looks like i must. Link to comment Share on other sites More sharing options...
just- Posted September 27, 2005 CID Share Posted September 27, 2005 looks like u got it sorted would like to know what really happend soudns so odd the pc u formated works i guess and the other one doesnt? Link to comment Share on other sites More sharing options...
Elite.Pete Posted September 27, 2005 Author CID Share Posted September 27, 2005 i think someone DDOS'ed Me comcast is now monitoring my connection and any connections will be logged and anyone who attempts to hack me at this point will be going to federal prison Link to comment Share on other sites More sharing options...
just- Posted September 27, 2005 CID Share Posted September 27, 2005 sounds scary but it really sucks who or whatever did that to you did u format both pc or any pc at all in the end? Link to comment Share on other sites More sharing options...
Elite.Pete Posted September 27, 2005 Author CID Share Posted September 27, 2005 this one is a fresh format. atleast i got just about the best cable modem available out of the deal Link to comment Share on other sites More sharing options...
just- Posted September 27, 2005 CID Share Posted September 27, 2005 something i still didnt understand is it confirmed u had a DDOS atack upon ur ip? Link to comment Share on other sites More sharing options...
Elite.Pete Posted September 27, 2005 Author CID Share Posted September 27, 2005 yes it's confirmed. considering i had connections from zombies from just about every single ISP in the world edit: it was a SYN flood to be exact basicly what it does is it spams your connection so you cant open new valid connections using bad protocol implemented in the windows tcp/ip stack Link to comment Share on other sites More sharing options...
catamaran Posted September 27, 2005 CID Share Posted September 27, 2005 Looks like some @#$@#$%!! has stung you with TCP Flooding. The connection request is sent from a spoofed address and before the ACK can be sent another request to another spoofed addr is sent. Your PC works itself to a nub trying to comply with all the requests and it never gets any return confirmations since they don't exist.. Eventually your mem gets loaded and the system gets locked up. From what I've seen the trick doesn't cause any permanent harm when all is reset. I wish these hacker SOBs, spammers and virus makers would get lives!! Link to comment Share on other sites More sharing options...
tdawnaz Posted September 27, 2005 CID Share Posted September 27, 2005 I wish these hacker SOBs, spammers and virus makers would get lives!! yeh i just don't get what these guys get outta doing this...some kinda thrill...they should just try something simplier like...sex Link to comment Share on other sites More sharing options...
just- Posted September 27, 2005 CID Share Posted September 27, 2005 ok so if u disconnect your router from the web and u had tried to access the website in your router ( the administrator website) it should all have worked because the attack would no long go anywhere since u were not with a IP did u try that? Link to comment Share on other sites More sharing options...
just- Posted September 27, 2005 CID Share Posted September 27, 2005 yeh i just don't get what these guys get outta doing this...some kinda thrill...they should just try something simplier like...sex simples and better i dont see the point on attacking random users unless u did something to piss off a lot of spammers did you? Link to comment Share on other sites More sharing options...
Elite.Pete Posted September 27, 2005 Author CID Share Posted September 27, 2005 probably did do something all i know is a got a great new surfboard 5101 modem and my net works fine now so im happy. Link to comment Share on other sites More sharing options...
Swimmer Posted September 27, 2005 CID Share Posted September 27, 2005 I you were behind a router then your computer should have been fine.. As long as your are not opening ports and your systems are clean the router will disregard any pings or packets from sources.. Link to comment Share on other sites More sharing options...
Elite.Pete Posted September 27, 2005 Author CID Share Posted September 27, 2005 not true swimmer. i only had 1 port open for bit torent. and syn flood doesn't operate like that Link to comment Share on other sites More sharing options...
Swimmer Posted September 27, 2005 CID Share Posted September 27, 2005 With the newer routers you dont have to worry about SYN attacks.. With SPI these attacks are useless.. http://www.netgear.com/products/details/WGT624.php http://www.dlink.com/products/?pid=19 The DI-714P+ also features a Stateful Packet Inspection (SPI) firewall which helps to protect against Denial of Service (DoS) attacks such as SYN Flood, Spoofing, and Ping of Death. http://www.linksys.com/servlet/Satellite?childpagename=US%2FLayout&packedargs=c%3DL_Product_C2%26cid%3D1124916802645&pagename=Linksys%2FCommon%2FVisitorWrapper The Router protects your PC from most known Internet attacks with a powerful Stateful Packet Inspection firewall. The only real catch is that the router has to be newer.. Link to comment Share on other sites More sharing options...
Recommended Posts