Accessibility Resource Center Skip to main content
Get gifts fast with In-Store & Curbside Pickup or same-day delivery.

Being DDOS'd

SOLVED
Reply
Highlighted
Contributor
Contributor
Posts: 2
Registered: ‎11-16-2016

Being DDOS'd

Message 1 of 3
(1,581 Views)

I am getting DDOS'd daily using fragmented UDP packets. Who can I talk to to ask if this can be filtered by Verizon?

 

I am a FIOS business customer, but also a residential customer. My business line is getting the DDOS attacks.

 

Filtering fragmented UDP packets would stop this.

 

Thanks!

art k.

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Platinum Contributor III Platinum Contributor III
Platinum Contributor III
Posts: 7,547
Registered: ‎12-15-2010

Re: Being DDOS'd

Message 3 of 3
(1,468 Views)

If you're being attackeed by IP addresses owned by Verizon and you know what they are, Verizon maintains contact information to their Security and Abuse department here: https://www.verizon.com/support/residential/account/manage-account/security/security-control-center. Otherwise, give Verizon a call and see if their support team will be able to relay your information off to a group which can assist.

 

From my past experience in dealing with an unexpected Denial of Service attack with another provider, typically the solution provided by the provider will be to change your IP address, or to wait it out. UDP attacks are a bit nasty because they are designed to either flood your bandwidth, consume all available sockets and resources on your gateway/firewall (thus preventing new connections in or out), or both.

 

Some other things to consider:

  • Your router should not be responding to ICMP Pings from the entire Internet. If someone wants you offline, ping is the most obvious check. A botnet that is being tested (which I've seen happen on random IPs) for example might use this to see when the target goes offline. It's okay to allow ICMP Ping for monitoring, and you should use the firewall to restrict this behavior to certain IPs.
  • UPnP is disabled. You don't want your network having devices open ports through the firewall on their own in a business environment.
  • Your router's firewall is enabled in general, and is set to Drop, not Reject traffic. Active Rejection is as bad as responding to ICMP Pings when dealing with the Internet at large.
  • Your devices themselves are secure - Remote access tools (TeamViewer, AnyDesk, etc) are behind a two factor authentication solution. Microsoft Remote Desktop is NOT exposed to the Internet, but protected behind a VPN. No malware on any system or undesirable software.

 

View solution in original post

2 REPLIES 2
Highlighted
Platinum Contributor III Platinum Contributor III
Platinum Contributor III
Posts: 7,916
Registered: ‎11-04-2008

Re: Being DDOS'd

Message 2 of 3
(1,529 Views)

I would believe that business customers have a different support vehicle than residential customers. Maybe check your bill for support info.

You can try to reach out via twitter @verizonsupport and see what their recommendation is.


If a forum member gives an answer you like, give them the Kudos they deserve. If a member gives you the answer to your question, mark the answer as Accepted Solution so others can see the solution to the problem.
Highlighted
Platinum Contributor III Platinum Contributor III
Platinum Contributor III
Posts: 7,547
Registered: ‎12-15-2010

Re: Being DDOS'd

Message 3 of 3
(1,469 Views)

If you're being attackeed by IP addresses owned by Verizon and you know what they are, Verizon maintains contact information to their Security and Abuse department here: https://www.verizon.com/support/residential/account/manage-account/security/security-control-center. Otherwise, give Verizon a call and see if their support team will be able to relay your information off to a group which can assist.

 

From my past experience in dealing with an unexpected Denial of Service attack with another provider, typically the solution provided by the provider will be to change your IP address, or to wait it out. UDP attacks are a bit nasty because they are designed to either flood your bandwidth, consume all available sockets and resources on your gateway/firewall (thus preventing new connections in or out), or both.

 

Some other things to consider:

  • Your router should not be responding to ICMP Pings from the entire Internet. If someone wants you offline, ping is the most obvious check. A botnet that is being tested (which I've seen happen on random IPs) for example might use this to see when the target goes offline. It's okay to allow ICMP Ping for monitoring, and you should use the firewall to restrict this behavior to certain IPs.
  • UPnP is disabled. You don't want your network having devices open ports through the firewall on their own in a business environment.
  • Your router's firewall is enabled in general, and is set to Drop, not Reject traffic. Active Rejection is as bad as responding to ICMP Pings when dealing with the Internet at large.
  • Your devices themselves are secure - Remote access tools (TeamViewer, AnyDesk, etc) are behind a two factor authentication solution. Microsoft Remote Desktop is NOT exposed to the Internet, but protected behind a VPN. No malware on any system or undesirable software.

 

View solution in original post

How-To Videos
 
The following videos were produced by users like you!
   
Videos are subject to the Verizon Fios Community Terms of Service and User Guidelines and contains content that is not created by Verizon.
Covid19


Browse Categories
Categories:
Posts

Verizon Troubleshooters
Unable to find your answer here? Try searching Verizon Troubleshooters for more options.