[Gllug] Router under attack: help/advice needed

TM tm at tm.uklinux.net
Wed Sep 30 09:39:49 UTC 2009


Dear All,

My home broadband router has started telling me I am under attack over 2
weeks ago. It looks like a DDoS attack (multiple IPs, same port, sort of
thing).

I'm not really an expert, and this is the 1st time I am (aware of...)
being attacked. Thankfully the port scans are not frequent enough to
bring the router down to a grinding halt, and I believe the router is
holding up for the time being.

I have contacted my ISP - Freedom2Surf - over 2 weeks ago. I told them
what was going on, provided the offending IP addresses, and asked for
help. I have yet to hear from their 'Abuse' team despite multiple phone
calls to their costumer support line.

I am not experienced in these matters so, could you guys please advise
on this:

1) Shall I be running 'whois' and emailing the ISPs of the attacker
directly?

2) Should I expect Freedom2Surf to be doing a bit more on this? Or is
the customer on their own in this sort of issues?

3) What other steps should I consider taking to strengthen the security
of my home network (including moving to another ISP)?

Thanks for your help
TM
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list