ilianame
join:2002-06-05
Burnaby, BC
kudos:1 Reviews:
 ·Shaw
| reply to tlhIngan
Re: changing my ip said by tlhIngan:Also, what is your DDoS?
This.
If you don't know how to change an IP (via MAC) how do you know you are getting DDOSed? Is the Antivirus 2013 telling you that? |
|
|
|
| said by ilianame:If you don't know how to change an IP (via MAC) how do you know you are getting DDOSed? Is the Antivirus 2013 telling you that?
Wow. Blunt bro. :-D |
|
ilianame
join:2002-06-05
Burnaby, BC
kudos:1 Reviews:
·Shaw
1 edit | Well, one's got to wonder. I saw this post yesterday and waited for OP to come back with some diagnostics...
like perhaps his pfSense logs, or maybe he used Fiddler to snoop on his packets...
You never know.
TBH I was going to reply that I've been "DDOSed" from some forums in the distant past as well, but then I thought I troll this forum too much. |
|
| reply to ilianame
@ ilianame im pretty sure i know im getting ddosed since hte person who did it said hes about to ddos me then i couldnt use the internet for about 2 minutes... they got my ip through skype since someone showed it on stream and i got a new skype now |
|
kevinds
join:2003-05-01
Calgary, AB
kudos:1 | I have had that issue in the past,
I handled it by getting a more powerful router and added many more IPTables rules.
-Posted from my phone. |
|
tlhIngan
join:2002-07-08
Richmond, BC
kudos:1 | reply to nowwhat
said by nowwhat :@ ilianame im pretty sure i know im getting ddosed since hte person who did it said hes about to ddos me then i couldnt use the internet for about 2 minutes... they got my ip through skype since someone showed it on stream and i got a new skype now
And that's your problem. Even if you get a new skype ID, if you call into someone who gave your ID to someone else, well, that just gives you a slight delay between when you can use it and getting DDoS'd again.
And since you probably WANT to use skype, a new IP doesn't really help because unless you find out who you call gave away your ID, you're just gonna get hosed. Repeatedly. (Skype needs your IP and whoever contacts you also needs your IP).
Either your router rebooted, which you should get a more powerful one (you didn't say what Shaw plan you're on), or you really have been flooded off. Nothing we can do about the latter unless you quit pissing off whomever's doing it or you just grin and bear it and hope they get bored and move onto something else. |
|
Reviews:
·Shaw
| He needs to set up a old machine as IDS with logging and pcap enabled to see exactly where its coming from and to log those packets. Contact the ISP of the offender supply them with a copy of those logs and packet caps, also CCing the email to the RCMP cyber crimes division to let the ISP know you are serious.
Won't be as funny for the no lifer doing it when they lose their (parents) internet connection and are faced with possible legal charges. |
|
kevinds
join:2003-05-01
Calgary, AB
kudos:1 | I've done that before,
Some ISPs are very helpful with it.
Fastest one, ISP called me 30 minutes later and asked if it had stopped yet, it hadn't, then they said, "What about now, we just null-routed their subnet".
Distrubuted Denial of Service won't work like that because being distrubuted, will be coming from multiple IPs, sometimes 10's of thousands - so far, I haven't had any that bad.
--
Yes, I am not employed and looking for IT work. Have passport, will travel. |
|
| well someone sent me a screenshot just now of someone saying that they knew my ip and they linked it in chat and they said they were going to ddos me.. i know who this person is and im just wondering if theres anything i can do with this information? he lives in the united states though |
|
 ShawSean
join:2010-07-16
Vernon, BC
kudos:12 | said by nowwhat :well someone sent me a screenshot just now of someone saying that they knew my ip and they linked it in chat and they said they were going to ddos me.. i know who this person is and im just wondering if theres anything i can do with this information? he lives in the united states though
If you register on the boards pm me and I'll be in touch.
Cheers.
--
Sean
Shaw Community Manager |
|
tlhIngan
join:2002-07-08
Richmond, BC
kudos:1 | reply to nowwhat
said by nowwhat :well someone sent me a screenshot just now of someone saying that they knew my ip and they linked it in chat and they said they were going to ddos me.. i know who this person is and im just wondering if theres anything i can do with this information? he lives in the united states though
Well, changing your IP won't help because the instant you sign on skype again, they'll have your NEW IP and DDoS you. Your options are to either not use skype, or to just put up with it when it happens and hope they get bored. Or reconsider your choice in friends. |
|
| its no one on my skype friends list that is doing it.. you dont need to be on someones contact list to get their ip through skype unfortunately and i would get a new skype account once my ip was to change obviously.
@shawsean will do! thank you  |
|
| reply to nowwhat
said by nowwhat :well someone sent me a screenshot just now of someone saying that they knew my ip and they linked it in chat and they said they were going to ddos me.. i know who this person is and im just wondering if theres anything i can do with this information? he lives in the united states though
If you can find out the IP of the person threatening you, you can look their IP up at ARIN, that IP will have an abuse email/phone # which you can phone and report the action. |
|
tlhIngan
join:2002-07-08
Richmond, BC
kudos:1 | reply to nowwhat
said by nowwhat :its no one on my skype friends list that is doing it.. you dont need to be on someones contact list to get their ip through skype unfortunately and i would get a new skype account once my ip was to change obviously.
@shawsean will do! thank you
Yeah, but all you need is someone to give your new ID to them and you'll be DDoS'd. Or maybe they'll find you again. After all, you changed your skype ID once already to no effect (they won't keep DDoSing you off skype once you log off because it's pointless
And it could very well be someone on your contact list is passing your ID onto whomever's doing it. Since there doesn't seem to be widespread reports of this, changing your ID may only delay matters until you add back your mole. |
|
| i didnt change my skype when i connected my router i just didnt log on it so i guess the router didnt really change much... i cant get shaw to change my ip so theres not much i can do at this point
this is the OP btw |
|
| said by unhinged:i didnt change my skype when i connected my router i just didnt log on it so i guess the router didnt really change much... i cant get shaw to change my ip so theres not much i can do at this point
this is the OP btw
I'm not attacking you, I want to say that first. I'm sure you are a great and wonderful person who is being maligned. But there is some causality to be considered here.
Clearly some interaction is causing some juvenile (person) to want to attack you. I recommend you treat the cause instead of the symptom. Stop participating in whatever activity leads to the DoS. The attacker will grow bored (as juvenile's do) and move on to greener pastures. You may then resume enjoying the internet. That is a holistic approach to solving your problem.
My two cents. Your mileage may vary on this approach. You might even not care for it at all. |
|
ilianame
join:2002-06-05
Burnaby, BC
kudos:1 Reviews:
·Shaw
1 edit | Basically what Raven's saying over here is if you are planning to troll, do so at your own risk. If you are not sufficiently prepared to wage cyberwar, don't do it :P
P.S. If you are not running any out looking services responding to incoming requests, you can't get "DDoSed". If you think the attacker is managing to disconnect you from the Internet, look for vulnerabilities.
P.P.S. »astalavista.box.sk/
P.P.P.S ^^^ Yes this site will give you viruses |
|
stolen
join:2004-04-12
Calgary, AB
kudos:2 | said by ilianame:P.S. If you are not running any out looking services responding to incoming requests, you can't get "DDoSed". If you think the attacker is managing to disconnect you from the Internet, look for vulnerabilities.
Actually, most DDoS's to residences are packets/sec or traffic DoS's. They aren't even targeting your applications, just sending you so many packets/so much traffic that you're dead in the water.
There are plenty of DoS attacks that do target specific applications, but those are more often not distributed, since they attack specific vulns and don't require a large number of hosts hammering the port. </semanticsLawyer> |
|
| said by stolen:Actually, most DDoS's to residences are packets/sec or traffic DoS's. They aren't even targeting your applications...
DDoS is such an abused term in that way that you'll notice I only ever said DoS. A DDoS usually requires a cloud of zombie bots at the attacker's command, and most munchkins on the internet don't have that. Sure, some do, but most nuisances are just kids with scripts. If one isn't sure that the attack is in fact ditributed, DoS is the umbrella.
rDDoS syn-ack attacks are an exception. |
|
ilianame
join:2002-06-05
Burnaby, BC
kudos:1 Reviews:
·Shaw
| You guys are both wrong. Denial of Service means denying the service to the legitimate respondents. OP is not running any services. He may be getting flooded, but his router should pretty much ignore all requests to closed ports.
It would take a few dozen computers with very gracious upload channel to shut OP's router from the Internet.
I'm still leaning towards a vulnerability on the router or through an open port. |
|
