Xfinity plant
Community Forum
Xfinity globe

Multiple DoS attacks over the last month

New Poster

Multiple DoS attacks over the last month

I have been getting multiple DoS attacks over the last month and these are real DoS attacks, not a fluke or anything. I have been playing an online game and every now and then some clown will directly call out that he is going to DDoS attack us and right after my ping shoots to near 1000 and my internet connection cuts out. I saw these in the event logs at those times:

 

Firewall[506]: DoS Attack - ICMP Flooding IN=erouter0 OUT= MAC=REDACTED src=167.142.61.98 DST=REDACTED LEN=96 TOS=00 PREC=0x20 TTL=55 ID=11241 PROTO=ICMP TYPE=3 CODE=1 

Firewall[506]: DoS Attack - TCP SYN Flooding IN=erouter0 OUT= MAC=REDACTED src=84.108.159.183 DST=REDACTED LEN=52 TOS=00 PREC=0x20 TTL=107 ID=3562 DF PROTO=TCP SPT=61320 DPT=42218 SEQ=4294

Firewall[506]: DoS Attack - TCP SYN Flooding IN=erouter0 OUT= MAC=REDACTED src=5.8.18.18 DST=REDACTED LEN=40 TOS=00 PREC=0x20 TTL=239 ID=123 PROTO=TCP SPT=65530 DPT=3328 SEQ=100 ACK=0 WIND

 

It has happened at least 5 or 6 times in the last month and provides for a bad experience. I changed my firewall settings to Custom and made sure "Block ICMP" is checked however it seemed there were other types of DoS attacks besides ICMP flooding so I'm not sure how much it would help. Is there something I can do about this?

Expert

Re: Multiple DoS attacks over the last month

You could try changing your WAN / public IP address. If you are using a router that has a MAC address cloning feature, you can clone a different MAC address in to it. This will force a change of your Comcast assigned WAN / public IP address.

Contributor

Re: Multiple DoS attacks over the last month

.