pcscdma
Chocobo Chocobo Random Battle
Premium
join:2004-01-14
Winterset, IA
clubs:
| reply to mziemba
Re: Please Prove My Father Wrong!
Are you the intermediate or the spoofed target of the SMURF? If you are the intermediate you can get a router or software that filters those packets. Cookies don't generate specially crafted ICMP packets. The web server that you are using could be set up to automatically use your IP for a SMURF. The web server needs your IP to SMURF and it needs your IP to send you the pages.
You could just have a popular IP address.
--
Be patriotic or I'm reporting you to Ashcroft. |
|
mziemba
join:2003-12-06
| I'm not really sure what you mean when you say "intermediate or spoofed target"
My Network address is the one that the SMURF attack goes to and there by floods the network slowing it to a snails pace.
Some, if not Most, of the places that I visit are not run by people that would run SMURF. |
|
Qumahlin
Never Enough Time
Premium,MVM
join:2001-10-05
united state
| said by mziemba  :
I'm not really sure what you mean when you say "intermediate or spoofed target"
My Network address is the one that the SMURF attack goes to and there by floods the network slowing it to a snails pace.
Some, if not Most, of the places that I visit are not run by people that would run SMURF.
Do you use IRC or such? I ask because Smurf is not some random attack..If someone is lauching a Smurf attack against you...repeatedly...then you did something to piss them off.
--
Forum Posts:4326 |
|
EGeezer
Summertime -
Premium
join:2002-08-04
Country!
 ·Callcentric
 ·RoadRunner Cable
·AT&T CallVantage
| reply to mziemba
said by mziemba :
Some, if not Most, of the places that I visit are not run by people that would run SMURF.
Some if not most - This in itself should be a red flag that you may be driving in questionable neighborhoods, so to speak. With that in mind, the ICMPs could be caused by just about anything from connection to game servers to P2P setups, IRC and so on.
We don't know what security settings, tools, apps, AV/AT/firewall products you are using, let alone how current they are or if you bypass them them to "install this viewer to see the movie" or similar prompt. We don't even know what operating system(s) or how many PCs are involved.
With that in mind, it's hard to determine with any confidence what could cause your problem. It could even be as simple as a bad connection or NIC and the "smurfs" reported in logs could be entirely unrelated.
My recommendation is to review the security FAQs, particularly »Security »How to Secure (and Keep Secure) My (New) Computer(s): A Layered Approach: and »Microsoft Application Tips and Tweaks »Concerning Internet Options Security, what do some of the settings mean if you are using IE.
If you're playing in the street or 'hood, become streetwise or prepare to get run over or ripped off occasionally.
--
Eschew obfuscation |
|
mziemba
join:2003-12-06
| Some if not most - This in itself should be a red flag that you may be driving in questionable neighborhoods, so to speak. With that in mind, the ICMPs could be caused by just about anything from connection to game servers to P2P setups, IRC and so on.
I run IRC but I have never never pissed any individual off and keep only 2 ports open (Used by the Invision script I have inconjunction with my firewall).
Like I said most of teh sites are run by professional individuals. www.toonzone.net, www.voltron.info, www.lordsofpain.net, www.puroresupower.com, www.puroresufan.com, and gamefaqs.com are my most visited sites. And about half the time that's about all I do online.
We don't know what security settings, tools, apps, AV/AT/firewall products you are using, let alone how current they are or if you bypass them them to "install this viewer to see the movie" or similar prompt. We don't even know what operating system(s) or how many PCs are involved.
Router is an SMC7008ABR with, as far as I know a default set up (I am not permitted to access anything in the router because I attempted to use the Port Forwarding for BitTorrent.)
I think we're running the standard factory settings Firewall out of that (Like I said, I'm not allowed to check myself, and even with my father present I'm not allowed to look arround without him watching and asking me what I'm doing and belittling me the entire time. And I'm the only one that is running a personal firewall on a PC hooked up to the network (Zone Alarm Pro). The firewall on my PC NEVER goes off when someone is attempting to get into is. I have it set to block any and all incoming information unless I say it's ok, and still have never seen anything.
The Network consists of 2 PC's running Windows 2000, one running ME (mine), one running XP professional, and a Playstation 2 (Which half the time isn't hooked up to the network)
The SMURF's in the logs are from other people, but they are spoofing the IP address. I've had atleast 2 that have come from the University of Nebraska, and yes we've contacted them and they have said there is no one hooked up to the addresses (yes plural) that were SMURFing us. |
|
IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL
1 edit | "And I'm the only one that is running a personal firewall on a PC hooked up to the network (Zone Alarm Pro). The firewall on my PC NEVER goes off when someone is attempting to get into is. I have it set to block any and all incoming information unless I say it's ok, and still have never seen anything."
You shouldn't see anything incoming with the software firewall. If the router is setup properly. It would seem it is - since your not seeing any alerts with the software firewall. You should see alerts when programs want access out for the 1st time etc. The router should be handling anything that is incoming before it has a chance to even reach the software firewall.
--
Test Your Security
Team Z Member
Cable Modem Diagnostics |
|
gaforces
United We Stand, Divided We Fall
join:2002-04-07
Santa Cruz, CA
 ·Cruzio Internet
| reply to mziemba
www.lordsofpain.net
I seem to recall these guys, game griefers they prefix thier name with Lord----. They live to mess with people, and they are on irc too. I wouldnt go near thier site ever.
I think your dads right 
--
Fiber Optics is the future of high-speed internet access. Stop by the BBR Fiber Optic Forum |
|
kruser
Premium
join:2002-06-01
Saint Louis, MO
clubs:
·AT&T Southwest
| reply to Qumahlin
said by Qumahlin :
said by mziemba :
I'm not really sure what you mean
Do you use IRC or such? I ask because Smurf is not some random attack..If someone is lauching a Smurf attack against you...repeatedly...then you did something to piss them off.
Maybe it was your Dad that pissed them off? |
|
dddane
join:2002-01-10
Chicago, IL
| reply to mziemba
do you have ports or dmz enabled on your SMC that point to your computer? if you're behind a firewall, it wouldnt really matter where or who caused the target.... the web server would send the attack and the firewall would decide where to forward the packets (in this case, you say, to your computer) |
|
