Solved

DDOS information about ip's, gateways and how it works

Posted on 2016-11-17
2
170 Views
1 Endorsement
Last Modified: 2016-11-30
Hi.

Lets say router 123.124.3.12 is under a DDOS attack.
I got another router 123.124.3.13.
The gatewaye for both is 123.124.3.11

If i disconnect router 123.124.3.12, will the attack then stop?

If the attack does not stop, what is under attack? Still 123.124.3.12? Or maybe the gateway 123.124.3.11?

Is there any way to be sure what ip is/gateway under the attack?




----- If some ip is under attack, does it even matter if some router is in the end of the ip's attack? Or will it just stop the whole gateway from working, even if nothing is connected?
1
Comment
Question by:Mike Kristensen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 30

Assisted Solution

by:serialband
serialband earned 250 total points
ID: 41891769
It depends.

If they're targeting just the IP address, then, yes it will stop if you disconnect it.  The packets would have nowhere to go.

If they're targeting DNS names and you have redundant routes, then, no, it won't stop.  That's also assuming you're using an external DNS provider that has more capacity than your own systems.
1
 
LVL 29

Accepted Solution

by:
masnrock earned 250 total points
ID: 41896075
Sounds like your IPs are from a cable company.

But to answer your question, if you're noticing the router still having a considerable amount of traffic after changing the IP, the attackers be could attacking by IP range, subnet, or DNS name....

The only way you're going to know for sure how broad an attack is going on would probably by checking the with ISP. They will notice an abnormally high amount of traffic, but they will argue that it's your job to properly secure yourself.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Make the most of your online learning experience.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question