DoS ICMP attacks

[pob81]

Hi all...I am experiencing DoS ICMP attacks on my home network &  sadly have comcast.  I will be changing my IP.  However, my general question is ...Are there any hardware devices with logic that could be placed before the modem or after the router that could deal with DoS ICMP attacks....??  Thank to all for any info provided.....Pat

[WereCatf]

10 minutes ago, pob81 said:

Hi all...I am experiencing DoS ICMP attacks on my home network &  sadly have comcast.  I will be changing my IP.  However, my general question is ...Are there any hardware devices with logic that could be placed before the modem or after the router that could deal with DoS ICMP attacks....??  Thank to all for any info provided.....Pat

That device is called a router and they generally allow you to disable ICMP-replies to WAN. If your router doesn't, well, then you have to replace it with something else.

[Cosmos1234]

1 hour ago, pob81 said:

Hi all...I am experiencing DoS ICMP attacks on my home network &  sadly have comcast.  I will be changing my IP.  However, my general question is ...Are there any hardware devices with logic that could be placed before the modem or after the router that could deal with DoS ICMP attacks....??  Thank to all for any info provided.....Pat

You can just buy a router with a firewall.that should fix your problem.

[bcguru9384]

3 hours ago, pob81 said:

Hi all...I am experiencing DoS ICMP attacks on my home network &  sadly have comcast.  I will be changing my IP.  However, my general question is ...Are there any hardware devices with logic that could be placed before the modem or after the router that could deal with DoS ICMP attacks....??  Thank to all for any info provided.....Pat

windows firewall can selectively filter icmp using firewall advanced settings(as well as just completely ignore icmp)

type windows advanced firewall icmp settings into search engine

[tt2468]

3 hours ago, pob81 said:

Hi all...I am experiencing DoS ICMP attacks on my home network &  sadly have comcast.  I will be changing my IP.  However, my general question is ...Are there any hardware devices with logic that could be placed before the modem or after the router that could deal with DoS ICMP attacks....??  Thank to all for any info provided.....Pat

ICMP attacks are only effective nowadays as a way to fill up the available bandwidth of a target's internet connection. If they are filling up your 'pipe', then there's nothing you can really do about it except get a faster connection or change your IP.

[BSpendlove]

21 hours ago, Cosmos1234 said:

You can just buy a router with a firewall.that should fix your problem.

That'll fix nothing, as above said, 

 

Filtering is fine and don't need to buy a dedicated firewall to 'fix' this problem, the line will still saturate and hog the bandwidth. No you can't just filter icmp also for others suggesting it and a firewall will do nothing other than drop the packets when it hits the public facing interface if told to do so.

[pob81]

Thanks all for some thoughtful responses.  I am changing my IP address that is allocated by comcast.  I also found some info in the Cisco forums about creating a trusted list that you only echo back to.   Thanks again

[bcguru9384]

14 minutes ago, pob81 said:

Thanks all for some thoughtful responses.  I am changing my IP address that is allocated by comcast.  I also found some info in the Cisco forums about creating a trusted list that you only echo back to.   Thanks again

in reality you should only have to contact ISP and they can do criminal prosecution.

this is most legal way as your ISP can filter this traffic out of their systems with firewall rules and then use firewall logs with timestamps for case prosecuters use in court

vpn or not the ISP knows where data came from

VPN use IP addresses from outside ISP purchased address pool so if client uses VPN the ISP sees this

VPN are for fooling basic firewall blocks to services and not privacy for if you want privacy you want http transport mode(end to end encryption) vs VPN P2P mode(point to point encryption means every hop has its own cipher but also means every hop data decrypted then reencrypted so for few moments you data has no encryption at all) 

i will take my https 2048bit rsa all day to a VPN(sorry for off topic but im waiting see idiot suggest tunnelbear)

you can go into your cmd prompt

netsh

int

tcp

set

security

set mpp=enabled

startport=0

portcount=65536

protocol=tcp/udp/http etc(maybe even ICMP)

mpp memory pressure protection

[bcguru9384]

best advice is contact ISP

to cause intentional disruption to a communications line is federal crime

1986 fraud and abuse act

this even covers asshole IT professionals who intentionaly cause problems(as this is an abuse of authorized access)

all these scammers who pretend to fix your pc are also GUILTY of this abuse of authorized access and does Intel and AMD master chips fit this as well???

[Donut417]

3 hours ago, bcguru9384 said:

best advice is contact ISP

to cause intentional disruption to a communications line is federal crime

1986 fraud and abuse act

this even covers asshole IT professionals who intentionaly cause problems(as this is an abuse of authorized access)

all these scammers who pretend to fix your pc are also GUILTY of this abuse of authorized access and does Intel and AMD master chips fit this as well???

I highly doubt Comcast will sue the offender. The fact is, if its only an issue for one customer they dont give a fuck. If its an issue with a larger part of there network then they will be screaming bloody murder. Plus, its not up to Comcast. Comcast is not a law enforcement agency. They would have to contact the FBI and due to the fact it was only one person that was most likely affected by this, the FBI might not investigate. 

[bcguru9384]

23 minutes ago, Donut417 said:

I highly doubt Comcast will sue the offender. The fact is, if its only an issue for one customer they dont give a fuck. If its an issue with a larger part of there network then they will be screaming bloody murder. Plus, its not up to Comcast. Comcast is not a law enforcement agency. They would have to contact the FBI and due to the fact it was only one person that was most likely affected by this, the FBI might not investigate. 

1986 federal abuse and fraud act

if offender is harming communications then feds have to help

its the law

but fact is we here in USA use the "ignore it and it goes away" theory

time for that to change

comcast will change its pratices or be replaced as this is also USA way

if ISPs standup the can nearly eliminate all digital crime(especially very easy to SEE DDOS style "communications") just so they are not found guilty of a abuse of authorized access by failing to gurantee in their powers their subscribers access to their network "communications" line

IT let's start being proactive

use your businesses attorneys to get legal rights to force legal actions....... use the laws to provide safer cleaner services to your customers

[Donut417]

2 hours ago, bcguru9384 said:

1986 federal abuse and fraud act

if offender is harming communications then feds have to help

its the law

but fact is we here in USA use the "ignore it and it goes away" theory

time for that to change

comcast will change its pratices or be replaced as this is also USA way

if ISPs standup the can nearly eliminate all digital crime(especially very easy to SEE DDOS style "communications") just so they are not found guilty of a abuse of authorized access by failing to gurantee in their powers their subscribers access to their network "communications" line

IT let's start being proactive

use your businesses attorneys to get legal rights to force legal actions....... use the laws to provide safer cleaner services to your customers

At the end though. Comcast has to rely on the FEDs to get the job done. The FED's might not think its a big enough issue to investigate. Just because its a Federal Law doesnt mean the government will investigate it. Not when they are investigate all the sexual harassment in Washington and the whole Russia thing. Also counterfeiting is also a Federal Crime, but the Secret Service only conducts an investigation if the amount of bills is over $5000, if its under then its local jurisdiction.  Same could applied to Computer Crime laws as well, and you know for a fact Local police are fuck tards and have no clue what the fuck is going on. 

 

The point Im making is this. If the OP is the only person affected, Comcast and the goverment for that matter, dont give a fuck. Now if Half the Comcast network were affected, then someone is going to Federal Prison. Because at the end of the day, Comcast does not have time to go searching for that one guy. Also, its not clear if these attack came from with in the US or outside the boarders of the US. As if it came from outside, Comcast has very little they can do on their own. As then you have to involve the State Department and other Government agencies.