• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

ICMP attacks for me! help!

Joined
May 4, 2013
Messages
98 (0.02/day)
My friend is attacking me to the ICMP attack for my router.
my router model is TP-LINK WR841N.
how i stop the attacks?
 

Bo$$

Lab Extraordinaire
Joined
May 7, 2009
Messages
5,656 (1.04/day)
Location
London, UK
System Name Desktop | Server
Processor Intel i7 2700k @ 4.6GHZ | AMD 5350 @ 2500MHZ
Motherboard Asus P7Z77-V Pro | Asus AM1I-A
Cooling Corsair H60v2 | Stock Air
Memory Crucial Ballistix 2x8GB CL8 1600MHZ | Corsair Vengence 2x4GB CL9 1600MHZ
Video Card(s) EVGA GTX 1060 6GB | PNY GTX 750Ti
Storage Samsung 840 EVO 250GB + 4TB WD Red | 2x Seagate Barracuda 2TB
Display(s) Samsung S27D390H + Asus VE276Q | Headless
Case Fractal Design R5 | CM Elite 110
Audio Device(s) Asus Xonar D1 w/Otone Stilo 5.1 and Creative Fatal1ty headset
Power Supply EVGA Supernova 850 G2| Corsair CX430M
Mouse Razer Imperator 2012
Keyboard Corsair K90
Software Windows 7 SP1 X64 | Ubuntu 16.04LTS
how i stop the attacks?

Well you pay him a visit, Knock on his door, as he opens it, knock him the fuck out. :slap:
Just attack him. simple shit man.
 
Joined
Mar 26, 2010
Messages
9,762 (1.91/day)
Location
Jakarta, Indonesia
System Name micropage7
Processor Intel Xeon X3470
Motherboard Gigabyte Technology Co. Ltd. P55A-UD3R (Socket 1156)
Cooling Enermax ETS-T40F
Memory Samsung 8.00GB Dual-Channel DDR3
Video Card(s) NVIDIA Quadro FX 1800
Storage V-GEN03AS18EU120GB, Seagate 2 x 1TB and Seagate 4TB
Display(s) Samsung 21 inch LCD Wide Screen
Case Icute Super 18
Audio Device(s) Auzentech X-Fi Forte
Power Supply Silverstone 600 Watt
Mouse Logitech G502
Keyboard Sades Excalibur + Taihao keycaps
Software Win 7 64-bit
Benchmark Scores Classified
Well you pay him a visit, Knock on his door, as he opens it, knock him the fuck out. :slap:
Just attack him. simple shit man.

LOL.. you make me laugh
yea, why your friend attack you? :confused:
 

W1zzard

Administrator
Staff member
Joined
May 14, 2004
Messages
26,937 (3.72/day)
Processor Ryzen 7 5700X
Memory 48 GB
Video Card(s) RTX 4080
Storage 2x HDD RAID 1, 3x M.2 NVMe
Display(s) 30" 2560x1600 + 19" 1280x1024
Software Windows 10 64-bit
If you have a dynamic IP, just disconnect your router and reconnect so it fetches another IP.

There is nothing else you can do on your end to mitigate the attack, as it's overloading your incoming line. You could call your ISP and explain the situation, they can drop all packets from your friend before they enter your line, but this usually also means they'll inform the authorities
 
Joined
May 13, 2010
Messages
5,616 (1.11/day)
System Name RemixedBeast-NX
Processor Intel Xeon E5-2690 @ 2.9Ghz (8C/16T)
Motherboard Dell Inc. 08HPGT (CPU 1)
Cooling Dell Standard
Memory 24GB ECC
Video Card(s) Gigabyte Nvidia RTX2060 6GB
Storage 2TB Samsung 860 EVO SSD//2TB WD Black HDD
Display(s) Samsung SyncMaster P2350 23in @ 1920x1080 + Dell E2013H 20 in @1600x900
Case Dell Precision T3600 Chassis
Audio Device(s) Beyerdynamic DT770 Pro 80 // Fiio E7 Amp/DAC
Power Supply 630w Dell T3600 PSU
Mouse Logitech G700s/G502
Keyboard Logitech K740
Software Linux Mint 20
Benchmark Scores Network: APs: Cisco Meraki MR32, Ubiquiti Unifi AP-AC-LR and Lite Router/Sw:Meraki MX64 MS220-8P
Bo$$ had the best solution
 

Aquinus

Resident Wat-man
Joined
Jan 28, 2012
Messages
13,147 (2.97/day)
Location
Concord, NH, USA
System Name Apollo
Processor Intel Core i9 9880H
Motherboard Some proprietary Apple thing.
Memory 64GB DDR4-2667
Video Card(s) AMD Radeon Pro 5600M, 8GB HBM2
Storage 1TB Apple NVMe, 4TB External
Display(s) Laptop @ 3072x1920 + 2x LG 5k Ultrafine TB3 displays
Case MacBook Pro (16", 2019)
Audio Device(s) AirPods Pro, Sennheiser HD 380s w/ FIIO Alpen 2, or Logitech 2.1 Speakers
Power Supply 96w Power Adapter
Mouse Logitech MX Master 3
Keyboard Logitech G915, GL Clicky
Software MacOS 12.1
If you have a dynamic IP, just disconnect your router and reconnect so it fetches another IP.

There is nothing else you can do on your end to mitigate the attack, as it's overloading your incoming line. You could call your ISP and explain the situation, they can drop all packets from your friend before they enter your line, but this usually also means they'll inform the authorities

If you use a spoofed MAC address on your router and restart your modem, DHCP will automatically get you a new IP. Just restarting the modem won't get you a new IP unless the lease time is incredibly short and more often than not I find that it's an hour or longer (mine is several days,) so the only way for me to force it to give me a new IP is by using a different MAC.

Afterwards you should do what Bo$$ described. You have to make sure it doesn't happen again. :)

You could also tell your router to block incoming ICMP packets, most routers can do this.

Edit:
Here we go, nothing like a user manual to help you out:
icmp.PNG


Enable both highlighted settings and set the packets/s for the ICMP flood filter to 25. That should work nicely.

Now you really can tell him to shove it and do what Bo$$ suggested and you know regardless of the outcome, he won't be doing it again. :)
 
Last edited:

W1zzard

Administrator
Staff member
Joined
May 14, 2004
Messages
26,937 (3.72/day)
Processor Ryzen 7 5700X
Memory 48 GB
Video Card(s) RTX 4080
Storage 2x HDD RAID 1, 3x M.2 NVMe
Display(s) 30" 2560x1600 + 19" 1280x1024
Software Windows 10 64-bit
ICMP flood filter

that wont work, unless your network connection has more bandwidth than the attacker has bandwidth. no matter what you set on the router, packets will still travel from your ISP to your router and congest your line
 
Joined
May 1, 2008
Messages
1,039 (0.18/day)
Location
Frankfurt/Main - Germany
System Name Shaman of Sexy
Processor AMD Phenom II X4 955 BE@4Ghz EK Supreme Block
Motherboard M3A79-T Deluxe Anfi-Tech Waterblocks
Cooling Magicool 360 + 120 + 120 Slim scythe slipped Laing DDC-1/T
Memory 4GB Corsair Dominator CM2X2048-8500C5D
Video Card(s) Sapphire ATI Radeon HD 4870 X2 EK 4870 X2 Block
Storage RAID 0 Seagate
Display(s) Samsung 226BW 22"
Case CoolerMaster Cosmos RC-1000 in mod progress
Audio Device(s) onboard
Power Supply Coba Nitrox 750W
Software Windows 7 Ultimate
Benchmark Scores http://service.futuremark.com/compare?3dmv=1056967
use some tool like "wireshark" to catch the ICMP flood attack by pattern (usually it is mainly same type / size),
match it and drop that packets directly on router via iptables rules set .....
 

W1zzard

Administrator
Staff member
Joined
May 14, 2004
Messages
26,937 (3.72/day)
Processor Ryzen 7 5700X
Memory 48 GB
Video Card(s) RTX 4080
Storage 2x HDD RAID 1, 3x M.2 NVMe
Display(s) 30" 2560x1600 + 19" 1280x1024
Software Windows 10 64-bit
use some tool like "wireshark" to catch the ICMP flood attack by pattern, match it and drop that packets directly on router via iptables rules set .....

see my previous post
 
Joined
May 1, 2008
Messages
1,039 (0.18/day)
Location
Frankfurt/Main - Germany
System Name Shaman of Sexy
Processor AMD Phenom II X4 955 BE@4Ghz EK Supreme Block
Motherboard M3A79-T Deluxe Anfi-Tech Waterblocks
Cooling Magicool 360 + 120 + 120 Slim scythe slipped Laing DDC-1/T
Memory 4GB Corsair Dominator CM2X2048-8500C5D
Video Card(s) Sapphire ATI Radeon HD 4870 X2 EK 4870 X2 Block
Storage RAID 0 Seagate
Display(s) Samsung 226BW 22"
Case CoolerMaster Cosmos RC-1000 in mod progress
Audio Device(s) onboard
Power Supply Coba Nitrox 750W
Software Windows 7 Ultimate
Benchmark Scores http://service.futuremark.com/compare?3dmv=1056967
see my previous post

works m8, done this on DNS Reflection Attack for Anycast..... :)
it drops by rule hex notation in packet header
 
Joined
May 4, 2013
Messages
98 (0.02/day)
Enable both highlighted settings and set the packets/s for the ICMP flood filter to 25. That should work nicely.

Now you really can tell him to shove it and do what Bo$$ suggested and you know regardless of the outcome, he won't be doing it again.


works or not?
 

W1zzard

Administrator
Staff member
Joined
May 14, 2004
Messages
26,937 (3.72/day)
Processor Ryzen 7 5700X
Memory 48 GB
Video Card(s) RTX 4080
Storage 2x HDD RAID 1, 3x M.2 NVMe
Display(s) 30" 2560x1600 + 19" 1280x1024
Software Windows 10 64-bit
works m8, done this on DNS Reflection Attack for Anycast..... :)
it drops by rule hex notation in packet header

it might work on some attacks, but not on a normal icmp flood or any other type of attack that's trying to use up all your incoming bandwidth
 
Joined
Sep 4, 2009
Messages
974 (0.18/day)
System Name Grond
Processor Ryen 5 3600x PBO ~ 4.4GHz / fabric at 1900
Motherboard MSI b550 Tomahawk
Cooling XSPC Raystorm CPU w/ am4 mounting bracket+ 2 RX360 radiator + xspc Razor R9-290 w/ backplate
Memory 32gb Crucial Ballistix @ 3800
Video Card(s) XFX R9 290 w/ XSPC Razor full cover block and backplate
Storage WD SN850 1tb-OS, SN750 1tb, Samsung 860 Evo 1tb, WD blue hdd 4tb
Display(s) Samsung 23" 120hz 3d LCD w/ 3d glasses, using 'lightboost' trick
Case NZXT H630 white watercooling case
Audio Device(s) Onboard realtek ALC 1200+ Sennheiser HD 598
Power Supply XFX Pro 850 XXX semi-modular
Mouse Logitech G703 Wireless
Keyboard Steelseries 6 v2
Software Windows 10 Pro (Had some mystery error on Win7 and decided to go W10)
Call your ISP, call the police. If someone is doing this to you, they are not your friend. Find out the penalties for cybercrimes and inform him that you will take action to stop him.

If you aren't going to do that, then do as Bo$$ suggested.
 
Joined
May 30, 2007
Messages
9,019 (1.47/day)
System Name Black Panther
Processor i9 9900k
Motherboard Gigabyte Z390 AORUS PRO Wifi 1.0
Cooling NZXT Kraken X72 360mm
Memory 2 x 8GB Corsair Vengeance RGB Pro DDR4 3600Mhz
Video Card(s) Palit RTX2080 Ti Dual 11GB DDR6
Storage Samsung EVO 970 500GB SSD M.2 & 2TB Seagate Barracuda 7200rpm
Display(s) 32'' Gigabyte G32QC 2560x1440 165Hz
Case NZXT H710i Black
Audio Device(s) Razer Electra V2 & Z5500 Speakers
Power Supply Seasonic Focus GX-850 Gold 80+
Mouse Some Corsair lost the box forgot the model
Keyboard Motospeed
Software Windows 10
Tell him you're serious about calling the police. A joke for a couple of minutes might be ok, but if he persists...
 
Joined
May 4, 2013
Messages
98 (0.02/day)
By the way, my previous router did not work anymore since the attacks. It affects?
and we are purchase the TP-LINK router from ISPs.
 
Joined
May 13, 2010
Messages
5,616 (1.11/day)
System Name RemixedBeast-NX
Processor Intel Xeon E5-2690 @ 2.9Ghz (8C/16T)
Motherboard Dell Inc. 08HPGT (CPU 1)
Cooling Dell Standard
Memory 24GB ECC
Video Card(s) Gigabyte Nvidia RTX2060 6GB
Storage 2TB Samsung 860 EVO SSD//2TB WD Black HDD
Display(s) Samsung SyncMaster P2350 23in @ 1920x1080 + Dell E2013H 20 in @1600x900
Case Dell Precision T3600 Chassis
Audio Device(s) Beyerdynamic DT770 Pro 80 // Fiio E7 Amp/DAC
Power Supply 630w Dell T3600 PSU
Mouse Logitech G700s/G502
Keyboard Logitech K740
Software Linux Mint 20
Benchmark Scores Network: APs: Cisco Meraki MR32, Ubiquiti Unifi AP-AC-LR and Lite Router/Sw:Meraki MX64 MS220-8P
They are not a good friend
 
Joined
May 14, 2009
Messages
2,132 (0.39/day)
Location
Chicago burbs
System Name Halloween Boo!
Processor Intel Core i7 3770K
Motherboard Gigabyte Z77-Up7
Cooling Custom Water/ Thermalchill TA 120.3/ Swiftech Apogeee XT/ MCP655/ Swiftech M icrores/ XSPC RX 240
Memory 16G G.Skill trident 2400MHz
Video Card(s) 3 x Radeon 7970
Storage OCZ Revo Drive 240G
Display(s) 24 inch Viewsonic
Case Phobia WayCoolIt Test Bench
Power Supply Nexus 1100 watt
Get one of these:



  1. Knock on his door
  2. Quickly pull the trigger on the stun gun
  3. Watch him fall
  4. Go back home and look at your animal porn
 
Joined
May 13, 2010
Messages
5,616 (1.11/day)
System Name RemixedBeast-NX
Processor Intel Xeon E5-2690 @ 2.9Ghz (8C/16T)
Motherboard Dell Inc. 08HPGT (CPU 1)
Cooling Dell Standard
Memory 24GB ECC
Video Card(s) Gigabyte Nvidia RTX2060 6GB
Storage 2TB Samsung 860 EVO SSD//2TB WD Black HDD
Display(s) Samsung SyncMaster P2350 23in @ 1920x1080 + Dell E2013H 20 in @1600x900
Case Dell Precision T3600 Chassis
Audio Device(s) Beyerdynamic DT770 Pro 80 // Fiio E7 Amp/DAC
Power Supply 630w Dell T3600 PSU
Mouse Logitech G700s/G502
Keyboard Logitech K740
Software Linux Mint 20
Benchmark Scores Network: APs: Cisco Meraki MR32, Ubiquiti Unifi AP-AC-LR and Lite Router/Sw:Meraki MX64 MS220-8P
Make your friend get you a new router and pay for your connection for the next few years and also do what Dr. Deathx said
 
Joined
May 4, 2013
Messages
98 (0.02/day)
By the way, my previous router did not work anymore since the attacks. It affects?
and we are purchase the TP-LINK router from ISPs.
 
Top