GreenR Community|The Community Run by You
cancel
Showing results for 
Search instead for 
Did you mean: 

Whole System ACK Flood Attack - router chocked

Highlighted
Valued Commentator

Whole System ACK Flood Attack - router chocked

Guys - advice please

 

I think the solution is switch off everything for a day.  But please read on.

 

Recently my DLINK Router was dropping connections really badly. I bought to a new wifi router thinking that was the issue but same problem.

 

The issue seems to be regularly I would lose conenction to the wifi router and no internet would work.  Internet Speed tests would run really slow (sub 1Mbps download).  To solve I either left it for a bit or a restart of the router and cable modem seemed to resolve temporarily.

But it wasnt solved so started investigating further

 

I switched off ALL internet devices apart from one tablet that I hadnt used for some time just incase my LAN had a virus or something.

Checked my router logs and same issue in both routers alot of DDOS type attacks immediately when I switch on the cable modem.

 

My starbhub cable modem I guess must have a DHCP IP assigned  as its residental not business service. But it seems to be the same one after a quick restart.  Not recycled from a pool. So as soon as the cable modem restarts the attacks come in immediately which my wifi router blocks but eventually its chocking the wifi router so it cant respond to my legitamate requests. 

 

Q1) Does anyone know how to force the cable modem to get a new starhub IP or do I have to wait a specific period of time or call customer services??  

 

Q2) Does anyone know how to stop this from occuring. Is DDOS protection a service for residental customers?

 

 

Example of external IPs making flood attacks with no devices connect to my LAN/WIFI after a restart,

 

Time and DateMessage
Sep 30 13:54:34Per-source ACK Flood Attack Detect (ip=157.240.7.35) Packet Dropped
Sep 30 13:54:34Whole System ACK Flood Attack from WAN RuleSmiley Very Happyefault deny
Sep 30 13:53:34Per-source ACK Flood Attack Detect (ip=118.215.83.109) Packet Dropped
Sep 30 13:53:34Whole System ACK Flood Attack from WAN RuleSmiley Very Happyefault deny
Sep 30 13:52:34Port Scan Attack Detect (ip=157.240.7.26) Packet Dropped
Sep 30 13:52:34Per-source ACK Flood Attack Detect (ip=117.18.237.97) Packet Dropped
Sep 30 13:52:34Whole System ACK Flood Attack from WAN RuleSmiley Very Happyefault deny
Sep 30 13:51:34Per-source UDP Flood Attack Detect (ip=172.17.5.36) Packet Dropped
Sep 30 13:51:34Per-source ACK Flood Attack Detect (ip=74.125.24.95) Packet Dropped
Sep 30 13:51:34Whole System ACK Flood Attack from WAN RuleSmiley Very Happyefault deny
Everyone's Tags (4)
3 REPLIES 3
Highlighted
Alumni (Retired)

Re: Whole System ACK Flood Attack - router chocked

Hi wildmalc

 

Do provide me with your Registered Name, Hub ID/email address and Service Address by clicking on this link> via Private Message so that I can arrange for assistance on this. 

Valued Commentator

Re: Whole System ACK Flood Attack - router chocked

I havent heard a reply back to my PM
Highlighted
Alumni (Retired)

Re: Whole System ACK Flood Attack - router chocked

Hi wildmalc

 

Thank you for your patience in this period of high volumes.

 

We are indeed StarHub employees. As we're facing an issue with our Community PM currently, can you provide us with the details of your concerns alongside your registered name, service address or number and Hub ID / email address for verification via our Facebook PM at http://m.me/starhub so we can assist you. 

 

- Amy