JKee 0 Posted February 8, 2018 Share Posted February 8, 2018 Hello, I have been warned by ESET that I have been TCP-attacked multiple times in a minute. I was given IP's that have been abusing me and wrote them down on a .txt file just in case I will need them. Not sure if that is related but my network connection has been going wild just an hour before TCP attacks started. Any suggestions what should I do? Anything I can do with the IP's I wrote down to stop TCP attacks? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,909 Posted February 8, 2018 Administrators Share Posted February 8, 2018 Are you behind a router with NAT? Are the attacks coming from outside or from other devices in the network? Link to comment Share on other sites More sharing options...
JKee 0 Posted February 8, 2018 Author Share Posted February 8, 2018 I live alone so I decided I will need no router, so I do not have it. It is only 1 "internet wire" plugged to my computer, so it must be attacks from outside, not other devices connected to my network. Link to comment Share on other sites More sharing options...
JKee 0 Posted February 8, 2018 Author Share Posted February 8, 2018 By the way, there is one very odd thing. I was fast enough to write down 4 IP's I was told attacking me and two of them are almost identical, xxx.xx.xxx.xx4 and xxx.xx.xxx.xx1. Link to comment Share on other sites More sharing options...
itman 1,627 Posted February 8, 2018 Share Posted February 8, 2018 Need more information. Post a screen shot of the Eset alert you are receiving. Link to comment Share on other sites More sharing options...
TomFace 539 Posted February 8, 2018 Share Posted February 8, 2018 (edited) If you have the IP addresses you can look them up at http://www.whatsmyip.org/ip-geo-location/ Also Domain Tools may be able to provide some additional information.http://research.domaintools.com/ Only enter the first 4 sets of numbers (i.e. 222.186.138. 64). Edited February 8, 2018 by TomFace Link to comment Share on other sites More sharing options...
JKee 0 Posted February 8, 2018 Author Share Posted February 8, 2018 I do not have an exact screenshot of it but it said something like this: "A computer (IP) on the network is sending malicious traffic, it might be an attempt to attack you". Checking the IP addresses on hxxp://www.whatsmyip.org/ip-geo-location/ will take the map to the ocean of north-west Africa. Link to comment Share on other sites More sharing options...
itman 1,627 Posted February 9, 2018 Share Posted February 9, 2018 (edited) Refer to this Eset Knowledge Base article: https://support.eset.com/kb2939/ . As noted in the below excerpt if the IP address/addresses fall in one of the ranges shown, you're going to have to exclude it from IDS detection: Quote Examples of internal IP address ranges known to be safe (where "x" is 0-255): 172.16.x.x - 172.31.x.x 192.168.x.x 10.x.x.x Edited February 9, 2018 by itman Link to comment Share on other sites More sharing options...
Recommended Posts