Being Threatened with Packet floods and UDP floods

So recently I’ve been getting threatened with packet floods and UDP floods. I’m about 85% sure this person does not have my IP, but I told them if they tried anything all I would need to do is change my IP. They said they would still be able to get my new IP then. Right now I have CFP3 and a Linksys wireless router with a built-in firewall. And now I am starting to wonder: am I pretty safe from these threats, or should I really be worried?

First off this kid needs to get a life. Second of all your router should block most of the packets, and CFP should block the remaining. If you change your IP you will be safe. This kid must be retarded because DDoSing is one of the dumbest things you can do.

  1. If you notice a slowing of your network unplug your network and wait a day

  2. Change your IP

  3. Make sure you tweak CFP accordingly to counter this

  4. Make sure in your router settings the setting ‘discard WAN pings’ is enabled

You should be safe.

Thank you Info-Sec, I’ve set everything to the highest settings I can now. I have another quick question though. My router has a “Filter internet NAT redirection” setting; should I enable this also?

I’m not entirely familiar with NAT, but for your convenience keep it off. To my knowledge it won’t protect you against this attack.

I found this on Wikipedia

In addition to the convenience and low cost of NAT, the lack of full bidirectional connectivity can be regarded in some situations as a feature rather than a limitation. To the extent that NAT depends on a machine on the local network to initiate any connection to hosts on the other side of the router, it prevents malicious activity initiated by outside hosts from reaching those local hosts. This can enhance the reliability of local systems by stopping worms and enhance privacy by discouraging scans. Many NAT-enabled firewalls use this as the core of the protection they provide.

The greatest benefit of NAT is that it is a practical solution to the impending exhaustion of IPv4 address space. Networks that previously required a Class B IP range or a block of Class C network addresses can now be connected to the Internet with as little as a single IP address (many home networks are set up this way). The more common arrangement is having machines that require true bidirectional and unfettered connectivity supplied with a ‘real’ IP address, while having machines that do not provide services to outside users tucked away behind NAT with only a few IP addresses used to enable Internet access.

OK, then enable NAT. Just remember that it may keep computers in your network from getting internet access, and may cause problems with Xbox Live. So if you experience those problems, it’s because of NAT.

Well, I fine-tuned CFP3 so I feel pretty darn safe now, so I’ll leave NAT off. Thank you for all of the help Info-Sec, I appreciate it very much :-TU

A hardware firewall and CFP 3 should protect you from these kids.
For Comodo Firewall Pro, I quote this from Denial-of-service attack - Wikipedia

Comodo Firewall Pro has a built-in Emergency Mode which is activated when the number of incoming packets per second exceeds a set value for more than the specified time, for example, more than 20 packets/sec for more than 20 seconds. If this happens, the firewall classifies it as a DoS attack and switches to Emergency Mode. In this mode, all inbound traffic is blocked except previously established and active connections, but outbound traffic is allowed. The packet number threshold and the time needed for verifying an attack can be adjusted by the user separately for TCP, UDP and ICMP. The firewall also has some other attack prevention mechanisms, like protocol analysis, checksum verification (so that the packets aren't altered since transmission) and NDIS protocol monitoring for attempts at making a DoS attack by using own protocols, thus outmaneuvering older firewalls.

If they really were professionals, they wouldn’t be such a bunch of noobs and go like “z0mgz w3 f00nd j00 1p and n0w w3 is haxX0r j00 w1th udp fl00d!”. Tell them that you have a serious hacker friend (me), and they should ■■■ their pants and leave you alone :wink:

Cheers,
Ragwing
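
The threshold-and-duration trigger described in the Emergency Mode passage quoted above, as an added example that is not part of the original thread and is not Comodo's code. The class and function names, the integer-second timestamps, the `(proto, remote_ip, remote_port)` flow key and the lowered UDP threshold in the sample are assumptions; the model never leaves emergency mode because the quoted text does not describe an exit condition.

```python
class FloodDetector:
    """Hypothetical model of a rate-plus-duration trigger; not Comodo's code."""
    def __init__(self, limits):
        self.limits = limits                    # proto -> (max packets/sec, seconds)
        self.counts = dict.fromkeys(limits, 0)  # packets seen in the current second
        self.streak = dict.fromkeys(limits, 0)  # consecutive seconds over the limit
        self.established = set()                # flows opened from the inside
        self.emergency = False
        self._second = None

    def _roll(self, now):
        """Close the previous one-second bucket once the clock moves on."""
        if self._second is None:
            self._second = now
        if now == self._second:
            return
        idle_gap = now > self._second + 1       # silent seconds break a run
        for proto, (rate, seconds) in self.limits.items():
            over = self.counts[proto] > rate
            self.streak[proto] = self.streak[proto] + 1 if over else 0
            if self.streak[proto] > seconds:    # over the rate for more than T seconds
                self.emergency = True           # exit condition is not described
            if idle_gap:
                self.streak[proto] = 0
            self.counts[proto] = 0
        self._second = now

    def outbound(self, now, flow):              # always allowed; marks flow established
        self._roll(now)
        self.established.add(flow)
        return True

    def inbound(self, now, flow):
        """flow = (proto, remote_ip, remote_port); returns True if accepted."""
        self._roll(now)
        self.counts[flow[0]] = self.counts.get(flow[0], 0) + 1
        return flow in self.established if self.emergency else True


def replay_flood(seconds=6, pps=30):
    """Constructed sample: a steady UDP flood against lowered test thresholds."""
    fw = FloodDetector({"tcp": (20, 20), "udp": (20, 3), "icmp": (20, 20)})
    web = ("tcp", "192.0.2.10", 443)            # documentation-range addresses
    fw.outbound(0, web)
    timeline = []
    for sec in range(seconds):
        accepted = sum(fw.inbound(sec, ("udp", "198.51.100.7", 9)) for _ in range(pps))
        timeline.append((sec, fw.emergency, accepted, fw.inbound(sec, web)))
    return timeline
```

Each `replay_flood()` row is `(second, emergency, flood packets accepted, established reply accepted)`: the flood is dropped only after the rate has stayed over the limit for more than the configured time, while the connection opened from the inside keeps working.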

No problem. As Rag said, they aren’t anything special. DDoSing is so common and so easily avoided.

I actually blocked them from MSN and AIM and made sure they aren’t able to email me anymore. So I won’t be talking to them again ever. Again, thank you Ragwing and Info-Sec, you two have helped a lot :slight_smile:

Also, another thing I was rather worried about is how easy it is to get an IP from MSN and AIM using a packet sniffer, which seems to be fairly easy to find.

Any time bud. Well really anything is easy to get from sniffing if you can do it the right way. Anyways if they planned to DDoS you in the first place they are just little kids who think they can hack. But if they knew anything most DDoS can be blocked at the router level OOPS! :wink: