DOS attack on my home network

Discussion in 'Computing and Networks' started by electronis whiz, Aug 11, 2011.

  1. electronis whiz

    Thread Starter Well-Known Member

    Jul 29, 2010
    519
    27
    last friday we somhow used up our download limit. after investigating event logs and my router log. i saw in the router log that we had a DOS atack. after googling the ip and doing a whois on it on saturday when i heared about the hackers geting into police stations. i looked up the groups ip adress and it mached. (both the IP and the domain name mached)
    i was wondering should i report this to anybody or do anything?
     
  2. Kermit2

    AAC Fanatic!

    Feb 5, 2010
    3,782
    941
    I believe your SERVICE PROVIDER was the target, not you or your home network. Your network would not function because the provider could not 'service' your modems requests for data.
     
  3. electronis whiz

    Thread Starter Well-Known Member

    Jul 29, 2010
    519
    27
    then i don't think our download would have been used, and howd my router know then? (the isp is hughesnet)
     
  4. Kermit2

    AAC Fanatic!

    Feb 5, 2010
    3,782
    941
    The hacker(s) would have 'spoofed' a majority of the IP addresses which are served by the ISP in order to gain control of its bandwidth. They use a variety of methods, but most schemes involve 'fooling' the server into believing it is dealing with its normal clients. Your home internet IP would have been used along with hundreds or thousands of others as part of the hack. The server dutifully logged your IP as having 'used' its allotted amount of download bandwidth, even though YOU never accessed it.

    Remember, they were hacked. The ISP server was fooled into believing that the requests for service were all from legitimate subscribers (you were one of the addresses involved) and therefore needed to be served.
     
  5. electronis whiz

    Thread Starter Well-Known Member

    Jul 29, 2010
    519
    27
    oh i get it now. i figured the modem was what did all of the usage tracking. that would explain why pressing the reset button will not restor the speed. we had to pay an aditional $5 to th isp to restore the alowance. if there was posibly many others involved should i contact the isp telling them what happened? hughes net uses private ip adresses though so i'm not sure how they could have done this with out some how figuring out everyones SNAT adress. then it should be on the ISPs wan side and have nothing to do with the servers.
     
  6. someonesdad

    Senior Member

    Jul 7, 2009
    1,585
    141
    Maybe it was a ruse from the ISP to get more revenue... :p
     
  7. electronis whiz

    Thread Starter Well-Known Member

    Jul 29, 2010
    519
    27
    i thought of that but we have had them about 2yrs and never had a problem before.
     
  8. stahta01

    Member

    Jun 9, 2011
    133
    21
    Obvious question: Do you have a wireless network?

    If yes, is it locked down?

    If wireless network not locked, lock it down.

    It is possible someone got on your wireless network to use up all your usage for the month.

    Tim S.

    PS: Sometimes the obvious is overlooked.
     
  9. electronis whiz

    Thread Starter Well-Known Member

    Jul 29, 2010
    519
    27
    it's pretty much locked down on the wifi side. and all the loged IPs were from my network. i have no SSID broadcast on. and were at least a 1/4 mi from any neighbors or roads.
     
Loading...