Basically we have a wireless router at home. My PC is directed wired to it, and the family PC downstairs is connected via a wireless PCI card (router and card are both D-Link manuf.). Both computers are on XP and they share an internet connection. The family PC has been having some really annoying connection problems. Although it shows a perfect connection to the router, it quite often fails to connect to the internet, or more usually the page set as IE's homepage loads and any other pages either load crushingly slowly or not at all. I have tried everything... changing the router settings etc. However as I was sniffing about in the routers admin controls I found this in the log to coincide with some problems tonight: Nov/23/2003 22:13:05 TearDrop Attack Detect 192.168.0.100:1232 64.228.87.189:3186 Packet Dropped Nov/23/2003 21:15:27 TearDrop Attack Detect 192.168.0.100:1232 193.126.131.122:2818 Packet Dropped Nov/23/2003 21:15:27 TearDrop Attack Detect 192.168.0.100:1232 193.126.131.122:2818 Packet Dropped Nov/23/2003 21:15:27 TearDrop Attack Detect 192.168.0.100:1232 193.126.131.122:2818 Packet Dropped Nov/23/2003 15:55:43 Ping of Death Detect 213.39.194.229:33018 82.39.0.22:2234 Packet Dropped I know these are associated with Denial of Service attacks, so why target only the family PC? Also is there anything to stop it? I have tried changing the IP but the connection is just as bad. Any suggestions or clues? Cheers
I have a feeling as soon as I mention the word 'router', Blueyonder won't want to know Is there a way to set a router to block the port in question from outside access?
It's a D-Link 614+. I've emailed their tech support but I've had no reply as of yet This is really frustrating me... Thanks for the help btw
try disabling ICMP (ping) replies. In the Dlink it should be under the Tools sections in your routers config page. the option is labled Block WAN Ping or something like that.
Yep done that now. Seeing if it makes a difference. Sounds useful. I was wondering. Is it likely that on the family PC, there may be some hidden little bugger of an .exe that when the computer goes online, it somehow communicates with a remote computer that launches the attack? I know some viruses work in a similar way... hmm.
Odds arn't really good on that, any malware that would be broadcasting from a machine internal to the router would broadcast the internal IP which is probably a 192.168.x.x and wouldn't really get the attacking computer anywhere, so since your router is being attacked, its more likley just annoying kids!
So how come my connection is never affected and just the family PC? In the log, all the records of attacks are to the family PC Ip only and not mine. Damn I'm puzzled.
You’re router is not set up as a firewall…consequently all request are being passed on to the internal network and it seems that the one PC is doing a lot listening. It could also be doing a lot of broadcasting, letting the whole world know where it is. I am not going to go into the details because it would just give some immature person a head start on hacking. Do a search on firewalling and follow their advice. D-Link will also help you config the router.
