Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3
3344 posts

Uber Geek
+1 received by user: 1089

Trusted
Vocus

  # 985120 12-Feb-2014 14:31
Send private message

Now you've enabled the firewall that excess traffic ought to stop.  You'll soon know...



18 posts

Geek


  # 985122 12-Feb-2014 14:33
Send private message

When I logged on this morning to check my usage it said I had already used 10gb of data today (download + upload) and none of the computers were on during the night lol

 
 
 
 


345 posts

Ultimate Geek
+1 received by user: 59

Trusted

  # 985123 12-Feb-2014 14:37
Send private message

Also, have you reviewed your plan recently? You should consider a move to the Unlimited plan $100 per month from memory, that way, even after your review of your network security, you won't ever be stung with over usage should you ever be breached




4th gen i7 Haswell 4770k, G.SKILL RipjawsX 16GB (4x4 Gb) DDR3 2400MHz, x1 GTS 460, Intel 180Gb 530 Series SSD, x1 Seagate 1Tb HDD, x1 Seagate 2Tb HDD, Modular 850w PSU, R.O.G. Maximus VII Formula mobo, Cooler Master Storm Trooper Chassis, Cooler Master V8 CPU cooler

"Five exclamation marks, the sure sign of an insane mind." - Terry Pratchett

No longer work for Orcon



18 posts

Geek


  # 985124 12-Feb-2014 14:37
Send private message

I'll change the SSID and the password and hopefully that fixes it, thanks for all your help much easier then calling up and talking to someone who has no clue!

3344 posts

Uber Geek
+1 received by user: 1089

Trusted
Vocus

  # 985126 12-Feb-2014 14:38
One person supports this post
Send private message

The computers aren't involved.  Opening the firewall will mean the router will listen for DNS queries on the public interface.  Then it gets used in DNS amplification attacks, which seem to be very much in vogue right now.

http://www.watchguard.com/infocenter/editorial/41649.asp

https://www.us-cert.gov/ncas/alerts/TA13-088A

We're looking into potentially preventing users from disabling the firewall for this reason, but it is always on by default.

345 posts

Ultimate Geek
+1 received by user: 59

Trusted

  # 985129 12-Feb-2014 14:41
Send private message

Viscery: When I logged on this morning to check my usage it said I had already used 10gb of data today (download + upload) and none of the computers were on during the night lol


Ok then I would say your definitely getting DDoS'd. That explains your download usage. I would make sure the firewall is enabled. With the default security policy, reboot the modem so that it gains another IP address, so whoever is getting a reply off of you IP will cease hopefully. That should fix your problem.
Disabling that firewall is a big no no






4th gen i7 Haswell 4770k, G.SKILL RipjawsX 16GB (4x4 Gb) DDR3 2400MHz, x1 GTS 460, Intel 180Gb 530 Series SSD, x1 Seagate 1Tb HDD, x1 Seagate 2Tb HDD, Modular 850w PSU, R.O.G. Maximus VII Formula mobo, Cooler Master Storm Trooper Chassis, Cooler Master V8 CPU cooler

"Five exclamation marks, the sure sign of an insane mind." - Terry Pratchett

No longer work for Orcon

345 posts

Ultimate Geek
+1 received by user: 59

Trusted

  # 985131 12-Feb-2014 14:41
Send private message

Viscery: I'll change the SSID and the password and hopefully that fixes it, thanks for all your help much easier then calling up and talking to someone who has no clue!


Good network practice to change it every so often any way.




4th gen i7 Haswell 4770k, G.SKILL RipjawsX 16GB (4x4 Gb) DDR3 2400MHz, x1 GTS 460, Intel 180Gb 530 Series SSD, x1 Seagate 1Tb HDD, x1 Seagate 2Tb HDD, Modular 850w PSU, R.O.G. Maximus VII Formula mobo, Cooler Master Storm Trooper Chassis, Cooler Master V8 CPU cooler

"Five exclamation marks, the sure sign of an insane mind." - Terry Pratchett

No longer work for Orcon

 
 
 
 


345 posts

Ultimate Geek
+1 received by user: 59

Trusted

  # 985151 12-Feb-2014 14:48
Send private message

I'm going to check your firewall is configured correctly then bounce the connection to get it to re-authenticate with a new IP address.
So you're going to experience a loss in service for a few moments. I'll make sure I see it come back before I leave this though other wise I will call you on the contact details listed on your account.

The WI-FI configuration I will leave to you to decide what to do :)




4th gen i7 Haswell 4770k, G.SKILL RipjawsX 16GB (4x4 Gb) DDR3 2400MHz, x1 GTS 460, Intel 180Gb 530 Series SSD, x1 Seagate 1Tb HDD, x1 Seagate 2Tb HDD, Modular 850w PSU, R.O.G. Maximus VII Formula mobo, Cooler Master Storm Trooper Chassis, Cooler Master V8 CPU cooler

"Five exclamation marks, the sure sign of an insane mind." - Terry Pratchett

No longer work for Orcon

345 posts

Ultimate Geek
+1 received by user: 59

Trusted

  # 985164 12-Feb-2014 14:59
Send private message

Ok all done, your firewall is functioning as it should be, and you've grabbed a new external IP address.
I would expect to see your usage drop right down tomorrow.

If not, please repost, and we will be more than happy to relook into this again.




4th gen i7 Haswell 4770k, G.SKILL RipjawsX 16GB (4x4 Gb) DDR3 2400MHz, x1 GTS 460, Intel 180Gb 530 Series SSD, x1 Seagate 1Tb HDD, x1 Seagate 2Tb HDD, Modular 850w PSU, R.O.G. Maximus VII Formula mobo, Cooler Master Storm Trooper Chassis, Cooler Master V8 CPU cooler

"Five exclamation marks, the sure sign of an insane mind." - Terry Pratchett

No longer work for Orcon



18 posts

Geek


  # 985174 12-Feb-2014 15:10
Send private message

Splendid, will do. Thanks so much!

345 posts

Ultimate Geek
+1 received by user: 59

Trusted

  # 985175 12-Feb-2014 15:11
Send private message

No worries! :)




4th gen i7 Haswell 4770k, G.SKILL RipjawsX 16GB (4x4 Gb) DDR3 2400MHz, x1 GTS 460, Intel 180Gb 530 Series SSD, x1 Seagate 1Tb HDD, x1 Seagate 2Tb HDD, Modular 850w PSU, R.O.G. Maximus VII Formula mobo, Cooler Master Storm Trooper Chassis, Cooler Master V8 CPU cooler

"Five exclamation marks, the sure sign of an insane mind." - Terry Pratchett

No longer work for Orcon

3361 posts

Uber Geek
+1 received by user: 1116

Trusted
Lifetime subscriber

  # 985283 12-Feb-2014 16:54
Send private message

Consider a MAC address whitelist for your wifi as well. It adds another little dimension to your overall security.

40 posts

Geek
+1 received by user: 3


  # 985284 12-Feb-2014 16:55
Send private message

Last time this happened in our house I traced it to spotify doing it p2p thing

3344 posts

Uber Geek
+1 received by user: 1089

Trusted
Vocus

  # 985285 12-Feb-2014 17:04
One person supports this post
Send private message

killerkiwinz: Last time this happened in our house I traced it to spotify doing it p2p thing


Yes, one of our staff members had this also, bit of a trap.  I might see if we can get a sticky for high data usage with a few of these culprits in it.

3360 posts

Uber Geek
+1 received by user: 716

Trusted

  # 986530 13-Feb-2014 03:01
One person supports this post
Send private message

FlameBeard:
That coupled with the fact your firewall has been disabled, I suspect my friend you're being DDoS'd or some other form of attack



One of our customers had a kid that pissed off another player in some game. The foreign player rented a botnet and launched a ddos against our customer's ip address. In 30 minutes he had 18gb of data coming into our network and delivered to his rooftop radio - where the firewall dropped the traffic. Unfortunatley for him, the data was directed at his ip address and we delivered it to the end point so the customer got charged for the data.

Thats the thing, an ISP is just a delivery mechanism. If someone else directs traffic at you, the isp doesnt know if you want it or not so all we can do is deliver it. In this particular case the kid was warned if he kept up his antics the foreign player was going to do it, and it took down our network for 30 minutes so I wasnt happy and wasnt much I could do but wait it out.

It can happen to anyone and affect huge amounts of people - in our case this kid's antics only affected a valley of 40 customers, but Level3 in the USA which is the big bohemoth ISP-of-ISP's which is affecting thousands of customers of ISPs that buy data pipes off them, and who transit through their network.




Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




1 | 2 | 3
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Dunedin selects Telensa to deliver smart street lighting for 15,000 LEDs
Posted 18-Jul-2019 10:21


Sprint announces a connected wallet card with built-in IoT support
Posted 18-Jul-2019 08:36


Educational tool developed at Otago makes international launch
Posted 17-Jul-2019 21:57


Symantec introduces cloud access security solution
Posted 17-Jul-2019 21:48


New Zealand government unveils new digital service to make business easier
Posted 16-Jul-2019 17:35


Scientists unveil image of quantum entanglement
Posted 13-Jul-2019 06:00


Hackers to be challenged at University of Waikato
Posted 12-Jul-2019 21:34


OPPO Reno Z now available in New Zealand
Posted 12-Jul-2019 21:28


Sony introduces WF-1000XM3 wireless headphones with noise cancellation
Posted 8-Jul-2019 16:56


Xero announces new smarter tools, push into the North American market
Posted 19-Jun-2019 17:20


New report by Unisys shows New Zealanders want action by social platform companies and police to monitor social media sites
Posted 19-Jun-2019 17:09


ASB adds Google Pay option to contactless payments
Posted 19-Jun-2019 17:05


New Zealand PC Market declines on the back of high channel inventory, IDC reports
Posted 18-Jun-2019 17:35


Air New Zealand uses drones to inspect aircraft
Posted 17-Jun-2019 15:39


TCL Electronics launches its first-ever 8K TV
Posted 17-Jun-2019 15:18



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.