Solved

Urgent: Someone is knocking off my buddys connection.

Posted on 2004-08-12
8
220 Views
Last Modified: 2010-08-05
it's not a trojan i think he's sending packets to his IP and knocking it off. he said he cant really do antyhing, he gets disconnected every 5 mins.  what exactly is this method called, and can anything be done?
0
Comment
Question by:andyakira
8 Comments
 
LVL 21

Expert Comment

by:jvuz
ID: 11790701
First check for virus:

http://vil.nai.com/vil/stinger/
0
 
LVL 7

Expert Comment

by:magus123
ID: 11790800
what kind of internet connection is he using ,
also does he have software firewall and a hardware firewall
0
 
LVL 5

Expert Comment

by:ravisimpi
ID: 11790850
Someone is sending you a remote modem commant to hang up.. That command is ATH0

     There are programs which send this command provided they know the IP address of your buddy.

  Have a look at this article which will explain you in detail about the hang up ping.

http://www.attrition.org/security/denial/w/mod-ath.dos.html
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 5

Expert Comment

by:ravisimpi
ID: 11790875
Solution  Start>Settings>contrl panel>

Double click on modems, select your modem in the list,  then click properties, and then in the connection tab click on advanced button
, in extra settings box  enter the value 's2=255' without quites


         s2=255

You can also make search in google as 's2=255 fix'
0
 
LVL 23

Accepted Solution

by:
Tim Holman earned 500 total points
ID: 11791853
Capture some evidence...

1)  Go to http://www.ethereal.com/download.html
2)  Under Windows 98/ME/2000/XP/2003 Installers, select a site near you
3)  Download WinPcap_3_0.exe and ethereal-setup-0.10.4.exe
4)  Install WinPcap_3_0 - double click on the WinPcap_3_0.exe file, just
click OK / Yes throughout
5)  Install ethereal-setup-0.10.4 - double click on the file, accept all the
defaults (OK / Yes throughout)
6)  Start the Ethereal application
7)  Go to Capture > Start
8)  Under Interface, select your Internet facing interface.  If you're
unsure, then select one, and continue.  If it displays results, then you've
got the right interface, if your capture is empty, then select another
interface and carry on...
9)  Under Capture Files, put \capture.cap
10)  Click OK
11)  Capturing will commence....
12)  Capture what you need to
13) Go back to Ethereal, click Stop
14)  Analyse the c:\capture.cap file, or send it to me - tim_holman@hotmail.com
0
 
LVL 1

Expert Comment

by:MinusDriver
ID: 11793765
I've had this same problem before.

ravisimpi hit it right on the nail!!

Solution  Start>Settings>contrl panel>

Double click on modems, select your modem in the list,  then click properties, and then in the connection tab click on advanced button
, in extra settings box  enter the value 's2=255' without quites

         s2=255

This was actually what I had to do.

Good Luck!
0
 

Author Comment

by:andyakira
ID: 11798792
does the s2=255 fix work for cable modem?

tim_holman, i cant send u log because the guy that was atatcked hasnt been online ever since. i think he was nuked hard. ill have to wait till he gets on.
0
 
LVL 5

Expert Comment

by:ravisimpi
ID: 11803567
will you please tell me what actually made your buddy's connection to knock out?


 I thought that Just ATH0 was the culprit
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
The related questions "How do I recover the passwords for my Q-See DVR" and "How can I reset my Q-See DVR to eliminate a password" are seen several times a week.  Here we discuss the grim reality of the situation.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question