Do you have a recommendation for a network trafficking monitor program? I saw no obvious problems, but of course, with the shaw modem itself I didn't have too much able to monitor exactly what was going on as I use my router to see what is going on usually. So it should be just a straightforward basic modem as I use the netgear router. The modem is one of those newer DocSIS 3.0 ones with the built in router, which I have the wifi router itself disabled. I don't own a laptop, but I did just that with a clean formatted PC, plugging it directly into the shaw modem itself. If the attacks are still coming with the new IP/bootcd/no router setup, perhaps you're not the only/intended target? Do you have any packet captures of these attacks? Are the logfiles perhaps just showing you dropped traffic and this 'DoS attack' is not really the cause of your slowdowns? Do you have a managed switch with mirror port or a dumb hub that you could use to monitor traffic?Įdit: DoS attacks don't just 'leave' viruses and trojans on computers. Is your Shaw modem something dumb like the SB5100, or does it have a built-in router? It's possible that your router is infected with some naughty firmware or something simpler like DNS redirection. Add each piece of the puzzle until it starts back up. When your modem syncs back up with Shaw, you should have a new IP and no attacks coming in. To narrow it down, I'd unplug router and modem, boot a laptop from a live CD (Knoppix, BackTrack, PC-BSD.) and plug it directly into the modem. Both computers are running firewalls, anti-virus, anti-spyware, and anti-malware programs. I have a Netgear WNDR3700 router, with 2 computers directly wired, and on wireless 2 phones and a tablet, how-ever my wi-fi has been completely disabled since this started happening. I've limited my internet use to try to narrow down which program/programs are the culprit of these attacks, but there is seeming to be no correlation.Īs far as my home network goes, I'm not sure how I can make my simple home network more secure. I've talked with shaw and they say nothing can be done on their end. But of course they still keep coming, so I assume it's not something on my computers.
So next I figured it was something on my computers allowing them to keep targeting, but I've done fresh reformats twice. So I assume it's not the fact they have my static IP address. I was on a static IP, but since these attacks I've swapped over to dynamic, and I refresh my IP consistently, but they still keep coming. And they are leaving between 10-1000 viruses, trojans, worms, etc on my computer each time, which I have to use about 12 different programs just to detect and remove them all. They are flooding in at about 10 per second. HALP!Īlmost daily I'm getting 99.99% packet loss courtesy of these attacks. I've been absolutely hammered by DoS attacks (RST Scan, IMAP Scan, FIN Scan, and ACK Scan have been the most common ones I've seen) over the past 3 weeks and I don't know what's left to do.