DOS attack on my home network

Thread Starter

electronis whiz

Joined Jul 29, 2010
512
last friday we somhow used up our download limit. after investigating event logs and my router log. i saw in the router log that we had a DOS atack. after googling the ip and doing a whois on it on saturday when i heared about the hackers geting into police stations. i looked up the groups ip adress and it mached. (both the IP and the domain name mached)
i was wondering should i report this to anybody or do anything?
 

Kermit2

Joined Feb 5, 2010
4,162
I believe your SERVICE PROVIDER was the target, not you or your home network. Your network would not function because the provider could not 'service' your modems requests for data.
 

Kermit2

Joined Feb 5, 2010
4,162
The hacker(s) would have 'spoofed' a majority of the IP addresses which are served by the ISP in order to gain control of its bandwidth. They use a variety of methods, but most schemes involve 'fooling' the server into believing it is dealing with its normal clients. Your home internet IP would have been used along with hundreds or thousands of others as part of the hack. The server dutifully logged your IP as having 'used' its allotted amount of download bandwidth, even though YOU never accessed it.

Remember, they were hacked. The ISP server was fooled into believing that the requests for service were all from legitimate subscribers (you were one of the addresses involved) and therefore needed to be served.
 

Thread Starter

electronis whiz

Joined Jul 29, 2010
512
oh i get it now. i figured the modem was what did all of the usage tracking. that would explain why pressing the reset button will not restor the speed. we had to pay an aditional $5 to th isp to restore the alowance. if there was posibly many others involved should i contact the isp telling them what happened? hughes net uses private ip adresses though so i'm not sure how they could have done this with out some how figuring out everyones SNAT adress. then it should be on the ISPs wan side and have nothing to do with the servers.
 

stahta01

Joined Jun 9, 2011
133
Obvious question: Do you have a wireless network?

If yes, is it locked down?

If wireless network not locked, lock it down.

It is possible someone got on your wireless network to use up all your usage for the month.

Tim S.

PS: Sometimes the obvious is overlooked.
 

Thread Starter

electronis whiz

Joined Jul 29, 2010
512
it's pretty much locked down on the wifi side. and all the loged IPs were from my network. i have no SSID broadcast on. and were at least a 1/4 mi from any neighbors or roads.
 
Top