DDoS'ing me!
Thread Starter
Joined: Aug 2006
Posts: 123
From:
DDoS'ing me!
First off, my internet has been unbelievably sluggish for the last 10 minutes or so. I have a cable connection with optimum online and am running thru a linksys wireless router.
Well, to my point. I went into my routers config and checked recent logs of traffic to the router. The following IP adresses are continuously attempting to connect to my network: 10.75.64.1, 72.147.186.24 the one that starts with 10 is making more but they are very consistent, this is what it says "Mon Nov 13 21:57:18 2006 Blocked by DoS protection 10.75.64.1". Obviously my router is blocking the connections, but I don't know what to do.
It's making my internet lag horribly, so bad I can hardly post this right now. Does anybody know something I can do?
Thank you,
Steve
Well, to my point. I went into my routers config and checked recent logs of traffic to the router. The following IP adresses are continuously attempting to connect to my network: 10.75.64.1, 72.147.186.24 the one that starts with 10 is making more but they are very consistent, this is what it says "Mon Nov 13 21:57:18 2006 Blocked by DoS protection 10.75.64.1". Obviously my router is blocking the connections, but I don't know what to do.
It's making my internet lag horribly, so bad I can hardly post this right now. Does anybody know something I can do?
Thank you,
Steve
Thread Starter
Joined: Aug 2006
Posts: 123
From:
RE: DDoS'ing me!
Yes I know that and I did it 3 times, just did it again, but it's still happening @ least once every 2 or 3 seconds.
99% of em 10.75.64.1. Anybody know how I can specifically block THAT ip?
Edit: Sorry to sound curt, I'm just frustrated.
99% of em 10.75.64.1. Anybody know how I can specifically block THAT ip?
Edit: Sorry to sound curt, I'm just frustrated.
Thread Starter
Joined: Aug 2006
Posts: 123
From:
RE: DDoS'ing me!
I went through every single option, none allow individual blocking of ip's. I'm considering unplugging the router(going without internet) for a few hours, and then plugging it back in to see if they've stopped. I wikipedia'ed it, http://en.wikipedia.org/wiki/Ddos_attack , and apparently theres not many ways to prevent it, but I'll try calling my ISP tommorow.
Apparently I pissed somebody off. Why the **** is someone targeting my ****ING network.
[:@][:@][:@]
Apparently I pissed somebody off. Why the **** is someone targeting my ****ING network.
[:@][:@][:@]
Thread Starter
Joined: Aug 2006
Posts: 123
From:
RE: DDoS'ing me!
My internet is moving pretty well but i keept refreshing the log of my router and they're still coming.
Thanks Roto, I tried it, got this for 10.75.64.1
"OrgName: Internet Assigned Numbers Authority
OrgID: IANA
Address: 4676 Admiralty Way, Suite 330
City: Marina del Rey
StateProv: CA
PostalCode: 90292-6695
Country: US
NetRange: 10.0.0.0 - 10.255.255.255
CIDR: 10.0.0.0/8
NetName: RESERVED-10
NetHandle: NET-10-0-0-0-1
Parent:
NetType: IANA Special Use
NameServer: BLACKHOLE-1.IANA.ORG
NameServer: BLACKHOLE-2.IANA.ORG
Comment: This block is reserved for special purposes.
Comment: Please see RFC 1918 for additional information.
Comment:
RegDate:
Updated: 2002-09-12
OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned Names and Number
OrgAbusePhone: +1-310-301-5820
OrgAbuseEmail: abuse@iana.org
OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone: +1-310-301-5820
OrgTechEmail: abuse@iana.org
# ARIN WHOIS database, last updated 2006-11-13 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
If contact information is out of date or incorrect, please contact hostmaster@arin.net. Include all relevant information in your e-mail and ARIN will investigate the matter. "
I just went to their website and get this (http://www.iana.org/faqs/abuse-faq.htm)
"The IANA receives many reports of spam, apparent hacker activity, and other forms of abuse. Most frequently, people make these reports because they have found an Internet address associated with the abusive activity, and through a bit of research, they find the IANA's name associated in some way with that address.
In virtually all such cases, the association of the IANA's name with a particular address is not actually useful in dealing with the abuse incident. The IANA is not an ISP, and it has absolutely no control over the use of any Internet Protocol (IP) addresses except the very few that are directly tied to the iana.org domain name.
This document was written to clear up the confusion concerning IANA's role, and also to provide some pointers that may be useful in actually resolving abuse cases. "
So I don't really understand any of that very well but apparently there is no hope of finding who is responsible?
EDIT: Did some more reading off their site
"The point of private address space is to allow many organizations in different places to use the same addresses, and as long as these disconnected or self-contained islands of IP-speaking computers (private intranets) are not connected, there is no problem. If you see an apparent attack, or spam, coming from one of these address ranges, then either it is coming from your local environment, or the address has been "spoofed"."
Thanks Roto, I tried it, got this for 10.75.64.1
"OrgName: Internet Assigned Numbers Authority
OrgID: IANA
Address: 4676 Admiralty Way, Suite 330
City: Marina del Rey
StateProv: CA
PostalCode: 90292-6695
Country: US
NetRange: 10.0.0.0 - 10.255.255.255
CIDR: 10.0.0.0/8
NetName: RESERVED-10
NetHandle: NET-10-0-0-0-1
Parent:
NetType: IANA Special Use
NameServer: BLACKHOLE-1.IANA.ORG
NameServer: BLACKHOLE-2.IANA.ORG
Comment: This block is reserved for special purposes.
Comment: Please see RFC 1918 for additional information.
Comment:
RegDate:
Updated: 2002-09-12
OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned Names and Number
OrgAbusePhone: +1-310-301-5820
OrgAbuseEmail: abuse@iana.org
OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone: +1-310-301-5820
OrgTechEmail: abuse@iana.org
# ARIN WHOIS database, last updated 2006-11-13 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
If contact information is out of date or incorrect, please contact hostmaster@arin.net. Include all relevant information in your e-mail and ARIN will investigate the matter. "
I just went to their website and get this (http://www.iana.org/faqs/abuse-faq.htm)
"The IANA receives many reports of spam, apparent hacker activity, and other forms of abuse. Most frequently, people make these reports because they have found an Internet address associated with the abusive activity, and through a bit of research, they find the IANA's name associated in some way with that address.
In virtually all such cases, the association of the IANA's name with a particular address is not actually useful in dealing with the abuse incident. The IANA is not an ISP, and it has absolutely no control over the use of any Internet Protocol (IP) addresses except the very few that are directly tied to the iana.org domain name.
This document was written to clear up the confusion concerning IANA's role, and also to provide some pointers that may be useful in actually resolving abuse cases. "
So I don't really understand any of that very well but apparently there is no hope of finding who is responsible?
EDIT: Did some more reading off their site
"The point of private address space is to allow many organizations in different places to use the same addresses, and as long as these disconnected or self-contained islands of IP-speaking computers (private intranets) are not connected, there is no problem. If you see an apparent attack, or spam, coming from one of these address ranges, then either it is coming from your local environment, or the address has been "spoofed"."