1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Someone is Flooding my connection's IP.... Help?

Discussion in 'All other topics' started by Xenokai, Mar 24, 2009.

  1. Xenokai

    Xenokai Regular member

    Joined:
    Jul 10, 2004
    Messages:
    741
    Likes Received:
    0
    Trophy Points:
    26
    First off my internet is a ISp that uses Static ip's for all customers. Ok anyway i was playing gears of war 2 and i got standbyed like always and i send the guy a message saying he's bad and that im filing a complaint. Then he messages me back and says "OK mofo im getting your ip." Within just a min or 2 my connection on my pc is showing that its uploading and downloading constantly.

    I reset modem AND router and doesnt stop it. Ive scanned with spybot, adaware and Nothing seems to stop it. Its not a virus or anything. It sometimes stops and then starts up randomly randomly. I dont know how to check for what ip's are coming into my connection. (my router log seems to not have anything in it).

    With all that said i have a few questions...

    -This sounds like IP flooding and since i cant change my IP myself is calling my ISP the only way to change my STATIC IP?

    -This doesnt seem to kick me off xbox live just seems to flood my pc's connection. Is there a way to fix this?


    Im on WinXP MCE2005 with local DSL connection.

    Please can anyone help me figure out this problem? and can this guy steal my xbox live account or my password when im on the pc?
     
  2. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,174
    Likes Received:
    98
    Trophy Points:
    128
    your router, is it wired or wireless?
     
  3. varnull

    varnull Guest

    netstat /a

    find his ip .. then report him to your isp.. then pull the plug on your modem for 10 minutes or so. That will put a stop to the behaviour and cause a huge number of failed connection logs in the isp's monitoring routines.

    While offline check your pc over for rootkits and malware.
     
  4. Xenokai

    Xenokai Regular member

    Joined:
    Jul 10, 2004
    Messages:
    741
    Likes Received:
    0
    Trophy Points:
    26
    im on a wired connection. How do i check my logs? Also what rootkits and malware scanner are recommened?
     
  5. varnull

    varnull Guest

    First thing to do is disconnect your router from your modem.. then access it's admin panel and make it more secure.. If you are using the default password change it. This data is showing up in your pc .. so that's been exploited too. Your pc is being used as a remote proxy.. it's really quite easy to set up .. why not search for a file called "hide.exe" lurking as hidden and system in your system32 directory... it appears to be alone.. but it has a hidden subdirectory below it with it's irc listen channel and login and some other stull.. a couple of dll's to subvert your firewall and antivirus and things.... if this is just a script kiddie he should be easy enough to get rid of.

    http://www.zdnetasia.com/downloads/pc/swinfo/0,39043052,50002345r-39536411s,00.htm

    run all malware/rootkit/antivirus apps offline

    I don't do windows rootkits.. I use them against people..so I'm not giving my secrets away.
     
  6. Xenokai

    Xenokai Regular member

    Joined:
    Jul 10, 2004
    Messages:
    741
    Likes Received:
    0
    Trophy Points:
    26
    ok i got a program called CallerIP and its showing whats causing my connectio to suffer Its a ip from limlight networks in in tempa AZ HOW do i block this?
     
  7. varnull

    varnull Guest

    add it to peer guardian blocklists.. or if your router supports specific ip blocking add it there.

    I will put money on that being a proxy or another jacked xp machine.
     
  8. sherlocke

    sherlocke Member

    Joined:
    Mar 3, 2009
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    11
    configure your router so that only known IPs are allowed to connect. Super simple on a DLink
     
  9. varnull

    varnull Guest

    and impossible on a belkin XD

    also.. as the hack is using the pc all connections will be apparently initiated by the users computer.. not an external ip ..want to block the entire internet.. because that's the only way you will stop this machine shouting out to probably a rolling proxy hosts list.

    I know how to use these rootkits and exploits to hijack n00bs windoze.. it isn't in my interests to tell exactly and specifically how they work.

    Following my instructions above (which I notice the user has made a great play of not doing.. instead going 100% the wrong way about it) and finding which hidden process is running.. then killing that process.. while disconnected from the internet is the only way to proceed.. He's lucky it's a script kiddie and not me.

    Best solution overall after being rootkitted like that.. wipe the computer completely.. because it will always be 100% compromised by a clever hacker who probably had an admin login and all kinds of other backdoor access by now. Repair really isn't an option.. that's why I set windoze up on more than one partition.
     
  10. Xenokai

    Xenokai Regular member

    Joined:
    Jul 10, 2004
    Messages:
    741
    Likes Received:
    0
    Trophy Points:
    26
    Ok this is odd it stopped. I could of swarn it wasnt my pc but after uninstalling like 4 programs and simnply reinstalling them again this isnt happening anymore. (did a good scan of all my programs after they where removed.)

    What i dont get is why did this start up right after this guy told me this. Also i keep my pc pretty clean of viruses and i watch over my process list and whats running but nothing has changed since i reinstalled nearlike half my program but yet the ip is no longer sending or recioeveing from my ip.

    Maybe it wasnt a ip flood all i no is i havent seen it since i reinstalled some programs. I didnt exspect this to do anything because i rolled my pc back using sys restore after i noticed this ip hitting my connection and it would still do it then.
     
  11. keebles

    keebles Regular member

    Joined:
    Aug 13, 2005
    Messages:
    723
    Likes Received:
    1
    Trophy Points:
    28

Share This Page