dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
4803
share rss forum feed


nowwhat

@shawcable.net

changing my ip

Recently i have been getting ddosed so today i called shaw to see if i could get my ip changed and they are saying they cant change it.. now what do i do?


kevinds
Premium
join:2003-05-01
Calgary, AB
kudos:3

Change your MAC address on whatever is connected to the modem,

Router - Look for MAC Clone
Direct to computer, look for something with Physical Address in the advanced properities,

Apply,

Shutdown computer/unplug power from router

Unplug modem, power modem back up, wait for lights to become solid,

Plug power to router back in, or turn back on computer, should have a different IP.
--
Yes, I am not employed and looking for IT work. Have passport, will travel.


ravenchilde

join:2011-04-01
kudos:2
reply to nowwhat

said by nowwhat :

Recently i have been getting ddosed so today i called shaw to see if i could get my ip changed and they are saying they cant change it.. now what do i do?

Do a live chat with Shaw to make sure that your free second IP is enable on your account.

Then follow Kevinds' instructions above.

kevinds
Premium
join:2003-05-01
Calgary, AB
kudos:3

If the 2nd IP is enabled, then you can skip powering off the modem.

If your modem is set for 1 IP, the modem power cycle is needed.

-Posted from my phone.



nowwhat

@shawcable.net

well shaw enabled my second ip they said but it still wasnt changing.. so last night i started getting ddosed again and i connected my router and it changed my ip.. so i get back on and i instantly started getting ddosed again and i have no idea how they got my new ip (the way they got it the first time was through skype but i had it off when i connected my router)

does connecting my router to change my ip not change the ip they are ddosing me through or something?


kevinds
Premium
join:2003-05-01
Calgary, AB
kudos:3

does connecting my router to change my ip not change the ip they are ddosing me through or something?

Did it change your external (Shaw IP) or just the one showing on your computer? Use ipchicken.com or whatismyip.com Personally, I prefer ipchicken.com

I don't know any of the services you have on your network, but one of them might be updating 'them' what your new IP is. Example, connecting to a game server, will show your "game-name" and IP. Or any other service that you may not have authorized running on your computer.

It isn't likely, but it is possible, that someone is deliberately attacking you for some reason, and have also put the resourses behind tracking your IP changes.
--
Yes, I am not employed and looking for IT work. Have passport, will travel.


ravenchilde

join:2011-04-01
kudos:2
reply to nowwhat

said by nowwhat :

well shaw enabled my second ip they said but it still wasnt changing.. so last night i started getting ddosed again and i connected my router and it changed my ip.. so i get back on and i instantly started getting ddosed again

I'm not a big fan of treating symptoms (getting DDoSed). Let's try and find the cancer: What are you doing to provoke attacks?

tlhIngan

join:2002-07-08
Richmond, BC
kudos:1

said by ravenchilde:

said by nowwhat :

well shaw enabled my second ip they said but it still wasnt changing.. so last night i started getting ddosed again and i connected my router and it changed my ip.. so i get back on and i instantly started getting ddosed again

I'm not a big fan of treating symptoms (getting DDoSed). Let's try and find the cancer: What are you doing to provoke attacks?

That's a good point - changing your IP is useless if you're gonna do whatever is causing you to be DDoS'd to begin with. After all, if it's IRC, everyone will just see your new IP and DDoS that. If it's a website, ditto. Changing your IP is useless unless people just randomly picked your IP.

Also, what is your DDoS? Is it just a bunch of rejected connections from your router? If it's that, there's nothing you can do - it's perfectly normal crap that goes on every day. Just botnets looking for more PCs to recruit and stuff like that. Can't avoid them, and part of the reason the activity light blinks constantly.

ilianame

join:2002-06-05
Burnaby, BC
kudos:1
Reviews:
·Shaw

said by tlhIngan:

Also, what is your DDoS?

This.

If you don't know how to change an IP (via MAC) how do you know you are getting DDOSed? Is the Antivirus 2013 telling you that?

ravenchilde

join:2011-04-01
kudos:2

said by ilianame:

If you don't know how to change an IP (via MAC) how do you know you are getting DDOSed? Is the Antivirus 2013 telling you that?

Wow. Blunt bro. :-D

ilianame

join:2002-06-05
Burnaby, BC
kudos:1
Reviews:
·Shaw

1 edit

said by ravenchilde:

Wow. Blunt bro. :-D

Well, one's got to wonder. I saw this post yesterday and waited for OP to come back with some diagnostics...
like perhaps his pfSense logs, or maybe he used Fiddler to snoop on his packets...

You never know.

TBH I was going to reply that I've been "DDOSed" from some forums in the distant past as well, but then I thought I troll this forum too much.


nowwhat

@shawcable.net
reply to ilianame

@ ilianame im pretty sure i know im getting ddosed since hte person who did it said hes about to ddos me then i couldnt use the internet for about 2 minutes... they got my ip through skype since someone showed it on stream and i got a new skype now


kevinds
Premium
join:2003-05-01
Calgary, AB
kudos:3

I have had that issue in the past,

I handled it by getting a more powerful router and added many more IPTables rules.

-Posted from my phone.


tlhIngan

join:2002-07-08
Richmond, BC
kudos:1
reply to nowwhat

said by nowwhat :

@ ilianame im pretty sure i know im getting ddosed since hte person who did it said hes about to ddos me then i couldnt use the internet for about 2 minutes... they got my ip through skype since someone showed it on stream and i got a new skype now

And that's your problem. Even if you get a new skype ID, if you call into someone who gave your ID to someone else, well, that just gives you a slight delay between when you can use it and getting DDoS'd again.

And since you probably WANT to use skype, a new IP doesn't really help because unless you find out who you call gave away your ID, you're just gonna get hosed. Repeatedly. (Skype needs your IP and whoever contacts you also needs your IP).

Either your router rebooted, which you should get a more powerful one (you didn't say what Shaw plan you're on), or you really have been flooded off. Nothing we can do about the latter unless you quit pissing off whomever's doing it or you just grin and bear it and hope they get bored and move onto something else.


Baud1200

join:2003-02-10
Reviews:
·Shaw

He needs to set up a old machine as IDS with logging and pcap enabled to see exactly where its coming from and to log those packets. Contact the ISP of the offender supply them with a copy of those logs and packet caps, also CCing the email to the RCMP cyber crimes division to let the ISP know you are serious.

Won't be as funny for the no lifer doing it when they lose their (parents) internet connection and are faced with possible legal charges.


kevinds
Premium
join:2003-05-01
Calgary, AB
kudos:3

I've done that before,

Some ISPs are very helpful with it.

Fastest one, ISP called me 30 minutes later and asked if it had stopped yet, it hadn't, then they said, "What about now, we just null-routed their subnet".

Distrubuted Denial of Service won't work like that because being distrubuted, will be coming from multiple IPs, sometimes 10's of thousands - so far, I haven't had any that bad.
--
Yes, I am not employed and looking for IT work. Have passport, will travel.



nowwhat

@shawcable.net

well someone sent me a screenshot just now of someone saying that they knew my ip and they linked it in chat and they said they were going to ddos me.. i know who this person is and im just wondering if theres anything i can do with this information? he lives in the united states though



ShawSean

join:2010-07-16
Vernon, BC
kudos:12

said by nowwhat :

well someone sent me a screenshot just now of someone saying that they knew my ip and they linked it in chat and they said they were going to ddos me.. i know who this person is and im just wondering if theres anything i can do with this information? he lives in the united states though

If you register on the boards pm me and I'll be in touch.

Cheers.
--
Sean
Shaw Community Manager

tlhIngan

join:2002-07-08
Richmond, BC
kudos:1
reply to nowwhat

said by nowwhat :

well someone sent me a screenshot just now of someone saying that they knew my ip and they linked it in chat and they said they were going to ddos me.. i know who this person is and im just wondering if theres anything i can do with this information? he lives in the united states though

Well, changing your IP won't help because the instant you sign on skype again, they'll have your NEW IP and DDoS you. Your options are to either not use skype, or to just put up with it when it happens and hope they get bored. Or reconsider your choice in friends.


nowwhat

@shawcable.net

its no one on my skype friends list that is doing it.. you dont need to be on someones contact list to get their ip through skype unfortunately and i would get a new skype account once my ip was to change obviously.

@shawsean will do! thank you


ravenchilde

join:2011-04-01
kudos:2
reply to nowwhat

said by nowwhat :

well someone sent me a screenshot just now of someone saying that they knew my ip and they linked it in chat and they said they were going to ddos me.. i know who this person is and im just wondering if theres anything i can do with this information? he lives in the united states though

If you can find out the IP of the person threatening you, you can look their IP up at ARIN, that IP will have an abuse email/phone # which you can phone and report the action.

tlhIngan

join:2002-07-08
Richmond, BC
kudos:1
reply to nowwhat

said by nowwhat :

its no one on my skype friends list that is doing it.. you dont need to be on someones contact list to get their ip through skype unfortunately and i would get a new skype account once my ip was to change obviously.

@shawsean will do! thank you

Yeah, but all you need is someone to give your new ID to them and you'll be DDoS'd. Or maybe they'll find you again. After all, you changed your skype ID once already to no effect (they won't keep DDoSing you off skype once you log off because it's pointless

And it could very well be someone on your contact list is passing your ID onto whomever's doing it. Since there doesn't seem to be widespread reports of this, changing your ID may only delay matters until you add back your mole.

unhinged

join:2011-10-02
Winnipeg, MB

i didnt change my skype when i connected my router i just didnt log on it so i guess the router didnt really change much... i cant get shaw to change my ip so theres not much i can do at this point

this is the OP btw


ravenchilde

join:2011-04-01
kudos:2

said by unhinged:

i didnt change my skype when i connected my router i just didnt log on it so i guess the router didnt really change much... i cant get shaw to change my ip so theres not much i can do at this point

this is the OP btw

I'm not attacking you, I want to say that first. I'm sure you are a great and wonderful person who is being maligned. But there is some causality to be considered here.

Clearly some interaction is causing some juvenile (person) to want to attack you. I recommend you treat the cause instead of the symptom. Stop participating in whatever activity leads to the DoS. The attacker will grow bored (as juvenile's do) and move on to greener pastures. You may then resume enjoying the internet. That is a holistic approach to solving your problem.

My two cents. Your mileage may vary on this approach. You might even not care for it at all.

ilianame

join:2002-06-05
Burnaby, BC
kudos:1
Reviews:
·Shaw

1 edit

Basically what Raven's saying over here is if you are planning to troll, do so at your own risk. If you are not sufficiently prepared to wage cyberwar, don't do it :P



P.S. If you are not running any out looking services responding to incoming requests, you can't get "DDoSed". If you think the attacker is managing to disconnect you from the Internet, look for vulnerabilities.

P.P.S. »astalavista.box.sk/

P.P.P.S ^^^ Yes this site will give you viruses


stolen

join:2004-04-12
Calgary, AB
kudos:2

said by ilianame:

P.S. If you are not running any out looking services responding to incoming requests, you can't get "DDoSed". If you think the attacker is managing to disconnect you from the Internet, look for vulnerabilities.

Actually, most DDoS's to residences are packets/sec or traffic DoS's. They aren't even targeting your applications, just sending you so many packets/so much traffic that you're dead in the water.
There are plenty of DoS attacks that do target specific applications, but those are more often not distributed, since they attack specific vulns and don't require a large number of hosts hammering the port. </semanticsLawyer>

ravenchilde

join:2011-04-01
kudos:2

said by stolen:

Actually, most DDoS's to residences are packets/sec or traffic DoS's. They aren't even targeting your applications...

DDoS is such an abused term in that way that you'll notice I only ever said DoS. A DDoS usually requires a cloud of zombie bots at the attacker's command, and most munchkins on the internet don't have that. Sure, some do, but most nuisances are just kids with scripts. If one isn't sure that the attack is in fact ditributed, DoS is the umbrella.

rDDoS syn-ack attacks are an exception.

ilianame

join:2002-06-05
Burnaby, BC
kudos:1
Reviews:
·Shaw

You guys are both wrong. Denial of Service means denying the service to the legitimate respondents. OP is not running any services. He may be getting flooded, but his router should pretty much ignore all requests to closed ports.

It would take a few dozen computers with very gracious upload channel to shut OP's router from the Internet.

I'm still leaning towards a vulnerability on the router or through an open port.


ravenchilde

join:2011-04-01
kudos:2

said by ilianame:

You guys are both wrong. Denial of Service means denying the service to the legitimate respondents. OP is not running any services. He may be getting flooded, but his router should pretty much ignore all requests to closed ports.

It would take a few dozen computers with very gracious upload channel to shut OP's router from the Internet.

I'm still leaning towards a vulnerability on the router or through an open port.

I'm not wrong. "In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users"

The network resource called "the internets (subtitle: a series of tubes)" is unavailable to the intended user 'unhinged'. Therefore I am right. My rightness is known! Legendary!

Trollololololol.

ilianame

join:2002-06-05
Burnaby, BC
kudos:1

lololol

I c ur reasoning.
It's almost as if I were to smash my router with the hammer and claim that I hacked Google - because I can't access it.