Solved

Urgent: Someone is knocking off my buddys connection.

Posted on 2004-08-12
8
216 Views
Last Modified: 2010-08-05
it's not a trojan i think he's sending packets to his IP and knocking it off. he said he cant really do antyhing, he gets disconnected every 5 mins.  what exactly is this method called, and can anything be done?
0
Comment
Question by:andyakira
8 Comments
 
LVL 21

Expert Comment

by:jvuz
Comment Utility
First check for virus:

http://vil.nai.com/vil/stinger/
0
 
LVL 7

Expert Comment

by:magus123
Comment Utility
what kind of internet connection is he using ,
also does he have software firewall and a hardware firewall
0
 
LVL 5

Expert Comment

by:ravisimpi
Comment Utility
Someone is sending you a remote modem commant to hang up.. That command is ATH0

     There are programs which send this command provided they know the IP address of your buddy.

  Have a look at this article which will explain you in detail about the hang up ping.

http://www.attrition.org/security/denial/w/mod-ath.dos.html
0
 
LVL 5

Expert Comment

by:ravisimpi
Comment Utility
Solution  Start>Settings>contrl panel>

Double click on modems, select your modem in the list,  then click properties, and then in the connection tab click on advanced button
, in extra settings box  enter the value 's2=255' without quites


         s2=255

You can also make search in google as 's2=255 fix'
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 23

Accepted Solution

by:
Tim Holman earned 500 total points
Comment Utility
Capture some evidence...

1)  Go to http://www.ethereal.com/download.html
2)  Under Windows 98/ME/2000/XP/2003 Installers, select a site near you
3)  Download WinPcap_3_0.exe and ethereal-setup-0.10.4.exe
4)  Install WinPcap_3_0 - double click on the WinPcap_3_0.exe file, just
click OK / Yes throughout
5)  Install ethereal-setup-0.10.4 - double click on the file, accept all the
defaults (OK / Yes throughout)
6)  Start the Ethereal application
7)  Go to Capture > Start
8)  Under Interface, select your Internet facing interface.  If you're
unsure, then select one, and continue.  If it displays results, then you've
got the right interface, if your capture is empty, then select another
interface and carry on...
9)  Under Capture Files, put \capture.cap
10)  Click OK
11)  Capturing will commence....
12)  Capture what you need to
13) Go back to Ethereal, click Stop
14)  Analyse the c:\capture.cap file, or send it to me - tim_holman@hotmail.com
0
 
LVL 1

Expert Comment

by:MinusDriver
Comment Utility
I've had this same problem before.

ravisimpi hit it right on the nail!!

Solution  Start>Settings>contrl panel>

Double click on modems, select your modem in the list,  then click properties, and then in the connection tab click on advanced button
, in extra settings box  enter the value 's2=255' without quites

         s2=255

This was actually what I had to do.

Good Luck!
0
 

Author Comment

by:andyakira
Comment Utility
does the s2=255 fix work for cable modem?

tim_holman, i cant send u log because the guy that was atatcked hasnt been online ever since. i think he was nuked hard. ill have to wait till he gets on.
0
 
LVL 5

Expert Comment

by:ravisimpi
Comment Utility
will you please tell me what actually made your buddy's connection to knock out?


 I thought that Just ATH0 was the culprit
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Healthcare organizations in the United States must adhere to the guidance of both the HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) for securing and protec…
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now