proved DDoD attacked our internet provider on 5/17/2025 around 10am *updated 5/19/2025
2025/05/20 12:56
瀏覽0
迴響0
推薦0
引用0
(2025/05/18) proved DDoD attacked our internet provider on 5/17/2025 around 10am
a DDoS attack targets websites and servers also impact ...
Udn 部落格 https://classic-blog.udn.com › amt...·7 days ago (ie 5/10-5/11/2025 cant visit router admin website the logs showed DDoD attacked internet provider and our 2 notebooks which also messed up logs date after can visit)
— ... 149.75.231.61:57241 208.59.247.45:53. DoS attack: TCP- or UDP-based Port Scan] from 208.59.247.45, port 53 1 Sun May 11 04:03:58 2025 149.75 ...
--which i also posted in here 360doc.
so searched [ip address what is 149.75.231.61?] got: The IP address 149.75.231.61 is associated with the Internet Service Provider (ISP) Google and the organization Google LLC. Its also likely associated with a hostname related to Google.
visited [https://www.whois.com/whois/ and typed 149.75.231.61:57241] showed: Whois IP 149.75.231.61
Updated 14 hours ago (ie 5/17/2025 around 10am period now here is 5/18 12:50am) spouse called the company 5/17 11:12am complained internet cant connect after ourself tried hardware reset router, and changed strong password, set up....
...NetName/Organization /OrgName [our internet provider]
...Comment: For all abuse issues, please contact email@rcn.com
--the question is without reading this report wont know we were abused but called the company 5/7? that declared $70+/mm renting the company router can get help. until 5/10-5/11 cant visit rounter admin website, 5/17 even worse cant connect wifi.
the weird is the end of report on the bottom showed [%ok] ps i wanted to post the report but not sure whether against whois.com agreement i signed. it also remind me not just 2023 every year toward Sep-Nov we suffered internet frequently broke and they sent tech to examine but found nothing wrong indoors, 2 times declared the wiring either connected to wrong in their box hanged with nearby pole power line or replaced our underground wired(which replaced twice after 1st time installed in 2021), last year declared rusted in connection box hanged in our outdoor wall.
we was xfinity client from 2017-2021 and ATT 1996 (spouse bought the house)-2013, then 2013-2017(moved to current house) they only installed lines once until our neighbour snow shovel guy hit our outdoor wall box and xfinity didnt in time fixed the broke box which caused internet frequently broke.
5/19/2025 visited router admin website advanced>administration> logs and event log which quite good didnt see DDoD attack again except one time DoS attack my notebook as:
[DoS attack: IP packet w/MC or BC SRC addr] from 207.172.19.255, port 0
1 Sun May 18 22:25:27 2025 192.168.0.xx:0 207.172.19.255:0
also verified wireless channel that better than before didnt see weird others WiFi stick to our 2.4GHz channel, but one unknown stick to our 5GHz channel (now disappeared). hoping it keeps the normal way.
searched [is it normal DoS attacked and target at my notebook one time yesterday?] got:
Its not "normal" in the sense of being expected, but its also not entirely uncommon for a device with an internet connection to be targeted by a DoS (Denial of Service) attack. DoS attacks aim to make a device or service unavailable by overloading it with traffic. While a single attack might seem unusual, the frequency of such attacks, even on individual devices, is high.
Elaboration: DoS Attacks are Common: DoS attacks are a persistent threat, with numerous attacks happening daily.
Targets: While websites and services are the most common targets, individual devices like notebooks can also be targeted.
Frequency: Even a single device with internet access can be targeted multiple times daily, with some estimates suggesting an average attack every 39 seconds on an application with internet connectivity.
Impact: The impact of a DoS attack can range from temporary slowdowns to complete unavailability of the device or service
How long does a DDoS attack usually last? There are many types of DDoS attacks, including volumetric attacks, state-exhaustion attacks, and application layer attacks. On average, DDoS attacks are fairly brief, with more than 60 percent of attacks lasting fewer than 10 minutes.Aug 5, 2024
--examined WAN setup, [ Disable Port Scan and DoS Protection] was unknown changed from unmarked to marked. this is 2nd time i found weird thing, so now i unmarked and click apply at 5/19/2025 12-51pm
--examined Guest Network which i always disabled, enabled security WPA2-PSK [AES] but now it shows marked Enable SSID Broadcast; Security Options - Profile None for both 2.4 and 5 GHz. isnt very weird can change our setting? so i unchecked and select security as WPA2-PSK [AES] also set Passphrase (password) click apply at 5/19/2025 1-00pm, verify in the evening see any one control our router admin device today.
--USB storage and Media Server setting was normal didnt malicious changed. that is my 神操作 to forbid readyshare
--i did backup settings to make a copy of current settings at 1-09pm that can prove if needs for internet service company reference.
--i didnt know how to set remote management to only my notebook IP address which disallowed by router admin. the help center shows:Select Only This Computer to allow access by only one IP address. --which i use my notebook IP address didnt succeed. however i did disable Turn Remote Management On (HTTP)/(HTTPS)
---------------updated 5/19/2025 8-45pm
PS figured out to stop DDoD [SYN Flood] attacked our notebook by :
1. router admin>advanced>administration>logs made a copy than in notepad searched [SYN Flood] which attacked our 2 notebooks IP address and wrote down [our notebook IP address]:33029 and the max number 51959
2. seached [what is SYN Flood?] A SYN flood is a type of denial-of-service attack where an attacker sends a large number of TCP SYN packets to a server, without completing the connection handshake. This overwhelms the server, preventing it from accepting legitimate connections.
--that might be why router admin website broke down. but can visit other websites after 5/10-5/11/2025 attacked. until we did hardware reset.
SYN Flood Attack: In a SYN flood, the attacker sends many SYN packets without sending the final ACK. This leaves the server with a large number of half-open connections.
Resource Exhaustion: The server has to keep track of these half-open connections, consuming valuable resources. This can eventually overwhelm the server, making it unable to respond to legitimate requests.
Denial of Service: By exhausting the servers resources, the attacker effectively denies legitimate users access to the server.
3. router admin>advanced>security>block service
services blocking : always [marked]
service table : click add entered Service Type[SYN Flood] Port [TCP: 33029 ~ 51959] IP [our 2 notebooks ip address range], in the future other DDoD attacked can continue adding. ps i may wrong but at least an example how to fill the form. as those attacked internet provider or router companies they can solve by their problems if they didnt then we might switch to other companies. why should we pay their problems. Just received router company notified (Reinstatement fee) $22 extra for warranty expired if extend warranty. the question warranty only for hardware parts failed not including solving MS updated caused a mess, DDoD attacking.
just searched [genie i disabled media server in admin but why media server still showed in netgear genie PC version ?] got: Its possible that the Netgear Genie PC application is not correctly reflecting the changes made to the media server settings in the routers admin interface. Thiscould be due to the Genie app having its own independent settings or not fully synchronizing with the router settings
....
Uninstall and Reinstall Genie App: If the issue persists, consider uninstalling and reinstalling the Genie app to ensure a clean configuration.
ps spouse would be nerve break down again, wait after he sleep then turn off my notebook and router then restart as suggestion to see whether can sync correctly, if not then uninstall, reinstall Genie app PC version with a highly risk. you see it is router company made caused the problem. i just bought mine last year didnt know readyshare , and media server traps. the router also bought less than 2 years ago which discontinue maintainence. Trump should force all products with apps, windows OS must label their expiration dates or buyer can get same warranty years bagin the date purchased not the company published especially MS windows.
............................
--i havent adding block sites that was erased by hardware set. and few not knowing how to do such as ipv6, Dynamic DNS, disable Allow Remote Access By: everyone (ps i would say the worst default cant disable)
however router admin BASIC showing Readyshare no USB drive, Guest Network Not enabled can really forbid some one malicious modified my setting?
5/19/2025 2:55pm caught a weird cell phone 88:xxx which is quickly disappeared before can copy ip address, suddenly showed in file explorer network (usually disabled in windows settings>advanced sharing settings > network discovery OFF but to make sure no weird unknown device hooked our network then temporily turned ON. ) immediately verified router admin logs which found DDoD attacked returned back and this time one time attacked spouse notebook as: [DoS attack: SYN Flood] from 68.67.181.103, port 443 1 Mon May 19 18:35:59 2025 192.168.0.xx 68.67.181.103:443; the rest target at our internet provider
--serached [what is 68.67.181.103?] got : 68.67.181.103, 2024-12-19 08:49, 2025-02-03 12:26, AS29990 appnexus inc, country flag United States. Whitelisted, nym1.ib.adnxs.com, A, 68.67.181.230, 2024-12- ...
ie appnexus inc so searched [what is appnexus inc doing?] got:
AppNexus is a technology company that focuses onproviding programmatic online advertising platforms. It was originally a demand-side platform (DSP) and supply-side platform (SSP) but has since been acquired by AT&T and is now part of Xandr, which was later acquired by Microsoft. Currently, AppNexus is involved in various aspects of the digital advertising landscape, including:Cloud-based software platform, Marketplace, DSP and SSP,Ad serving,Data management and optimization,Audience extension,Directly negotiated campaigns.
--spouse daily watched video shows the only possibility related is Marketplace and Ad serving that videos frequently interrup by adv.
i dont know why a weird cell phone device 88:xxx hooked our network for which router admin cant find but file explorer network. the most strange is PC netgear network map and file explorer network showed readyshare and media server symbols on my pc but after the weird cell phone disappeared both also dropped off. what does it mean? the person/company so eagerly insist turn our pc into media server and cant kick off readyshare.
didnt the company know DDoD attacked or it is the person use its device (cell phone like symbol) issued DDoD attacked spouse notebook?
This is why i disallowed any new fuction/app we dont use such as readyshare or media server because they service for adv. companies which fill with unknown virus embeded. same as Google cant stop dirty sex websites pretended unknown 1-773-872-3783 called us. ps searched [1-773-872-3783] only showed my 2 articles as [
will donotcall blockade 1-773-872-3783/4059 or else ...] 4 days ago — Residents of the Northern District of Illinois receiving these scam calls should report the calls to the FBI Chicago Field Office and file a ...and
[will donotcall blockade 1-773-872-3783/4059 or else, related to DDoD atteacked on 5/10-5/11/2025? 2025/05/16 15:09:17. 瀏覽:3. 军事博主谈英军在阿富汗非法杀戮 ...
PS 5/19/2025 do not click Google searched mine posted papers in case unknown virous hided, it could be a fishing....
isnt Google finally did right thing to dropped off fishing websites which blackmailed me for visited those dirty websites (i had to find out who is 1-773-872-3783/4059 called us, didnt know they all are dirty sex websites to black/blackmail tiktok).
corrected : caught it as: full_gminfo36_ga MAC address 88:5a:85:bb:43:d6
manufacturer :gm; model and model number : gminfo36
searched [what is gm which hooked in my file explorer network?] N/P but another poster: What is gminfo3? gminfo3 indicates a general motors infotainment system by harman... were on the 4th floor, and dont have a car... indeed our wifi connection cannot be reached from outside as its too far up.Jun 9, 2020
searched [what is gminfo36 which hooked in my file explorer network? ] showed :
Strange device in Networks on Windows (Home Network) from Reddit · r/techsupport 10+ comments · 4 years ago (ie in 2021)
I was trying to set up WSL for my development work and noticed an odd device in the Windows "Networks" tab in file explorer. Its there for about 5 seconds and ...
Random devices on my network displayed in Windows ... from Netgear https://community.netgear.com › General-WiFi-Routers Jun 24, 2018 — Random devices that i did not connect to my network are popping up under the Network section of Windows Explorer. However, when i check on ...
--obviously Netgear router company already knew so why didnt allow user to disable readyshare, media server and disable Allow Remote Access By: everyone?
from my collected evidence it is all about MS file explorer network very bad design and pretended it is good for users name but caused DDoD attacked users pc or other devices. shouldnt MS be responsible ?
ps i didnt want to click those popped up websites in case virus hided in those posters papers. but to let more people understand so i copy/pasted here:
R0BBYMALZ Guide Jun 24, 2018: Random devices on my network displayed in Windows explorer under the network section
Random devices that i did not connect to my network are popping up under the Network section of Windows Explorer. However, when i check on my Netgear Router settings, none of these devices appear anywhere. They dont appear on the list that shows what is currently connected and they are not on the list that shows devices are not connected but once were.
I dont understand how these devices are on my Network. And Im not sure if this is just an issue with Windows 10. Even after changing my router password, these devices still remain "connected"
These are 2 items that have popped up
1) Car-1b44:
Manufacturer: DENSO, Manufacturer webpage unavailable
Model: Honda Generation 1 mid grade, model webpage unavailable
Model Number: Generation 1 mid grade
Device webpage: Presentation webpage unavailable
Serial number: unavailable
MAC Address: a0:cc:2b:08:1b:43
Unique identifier: unavailable
IP address: unavailable
2) Sitara
Manufacturer: TI, manufacturer webpage unavailable
Model: Wilink, model webpage unavailable
Model number: wl18xx
Device webpage: presentation webpage unavailable
Seriap number: unavailable
MAC address: 50:f1:4a:ad:ca:76
Unique identifier: unavailable
IP address: unavailable
....R0BBYMALZ Guide Feb 08, 2019 : I do believe I found a potential solutions after doing some research about this issue. "Research" was in fact suggested by another user so heres what I found
Here is the link to another forum on Netgear Community of a user who also experiences this issue as well as someones response to their question
https://community.netgear.com/t5/Nighthawk-WiFi-Routers/Random-device-appearing-under-Network-in-Windows/m-p/511457#M15445
Re: Random device appearing under Network in Windows?
That is a WINDOWS bug... All my computers would show a phone connected to the network. Router access list would not. Explorer wouldnt show it on the network either.
Others have posted about this as well on the web, http://www.eightforums.com/network-sharing/12630-someones-phone-connected-my-network-why-how.html.
http://answers.microsoft.com/en-us/windows/forum/windows_8-networking/unknown-phone-appears-as-a-con...
http://community.virginmedia.com/t5/Wireless-Networking/Unknown-devices-showing-in-windows-8-network...
As the last one shows, it is probably due to Windows Connect Now Service:
===========
WCNCSVC hosts the Windows Connect Now Configuration which is Microsofts Implementation of Wi-Fi Protected Setup (WPS) protocol. This is used to configure Wireless LAN settings for an Access Point (AP) or a Wi-Fi Device. The service is started programmatically as needed.
===========
I just disabled that service and no longer see this. I can only surmise that it senses a phone nearby and remembers it. In my case they tend to disappear within minutes and properties only show a MAC address, it never connects.
Message 5 of 5 2 Kudos
--what i felt about it? i dont think there is a sollution can stop it as usual , isnt it is MS back door puropose, that any MS bug hardly really solved, found bug in Jun 24, 2018 till today 5/19/2025 still existing, neither router company nor MS improved at all, very likely it became masters one of threaten weapons. i bet all paied attention to their File explorer network popped up unknown devices felt very unconfortable as me that didnt feel safe at all and worry data files stolen by those hooked unknown bastards.
searched [what is WCNCSVC ?] WCNCSVC stands forWindows Connect Now - Config Registrar. Its the service that hosts Microsofts implementation of Wi-Fi Protected Setup (WPS) protocol, which is used for configuring wireless LAN settings for access points or Wi-Fi devices.
searched [how to block WCNCSVC service?]
To disable the WCNCSVC service (Windows Network Connectivity Service), you can use either the Services console or the Command Prompt.In the Services console, locate the service, right-click, and select "Properties," then set the "Startup type" to "Disabled". Alternatively, you can use the command
sc config WCNCSVC start= disabled
in an elevated Command Prompt. Restarting your computer will apply the changes.
--cant find in my Services console so use cmd as:
C:\Windows\System32>sc config WCNCSVC start= disabled
[SC] ChangeServiceConfig SUCCESS
--really hoping it solve the problem as R0BBYMALZ Guide. UPDATED: it didnt and in my file explorer popped up new Generic network connected device 28:xxx and Car-9f28 manufacturer DENSO model & number Honda Generation 1 mid grade 44:91:60:73:9f:28
--it is all about adv to make router company and MS explorer earn the money. i did try to post in R0BBYMALZ Guide but it showed SOLVED and seemed closed that disallow any new poster adding in. popped up [https://accounts2.netgear.com/login?clientId=5eaghuk1i3grv0kf2jakrucakj&redirectUrl=https:%2F%2Fmy.netgear.com%...] to login but after typed user and password click submit wont work.
isnt extreamly sacrely they control our HD file explorer but can run away DDoD attacked user PC?
------------------------
专家解释为何中国和亚洲发展中国家在互联网基础设施建设方面比美欧更有优势 2024年11月21日, 23:01
评论
马来西亚科技大学教授、IPv6论坛副主席苏雷士瓦兰·拉马达斯对卫星通讯社表示,与发达国家相比,中国和其他亚洲国家在互联网基础设施建设方面处于优势地位。他表示,亚洲国家由于互联网发展起步较晚,能够越过某些技术发展阶段,按照最新标准建设基础设施。
11月21日第十届世界互联网大会乌镇峰会在乌镇举行“未来数字”论坛。专家们齐聚一堂,讨论了互联网的未来、发展途径、网络安全问题,以及人工智能(AI)等新技术的引入。
论坛发言人之一,马来西亚科技大学教授苏雷士瓦兰·拉马达斯在接受卫星通讯社采访时称:“中国的情况比一些发达国家好,甚至东盟的情况也比它们好。如果您问我的看法,最大的原因之一是基础设施。以日本等较早引入互联网的国家为例:它们依然拥有较旧的基础设施、铜缆、较旧的路由器。最近搭乘这列火车的国家跳过了这些阶段,它们正在基于新技术从头开始做这一切,它们正在到处铺设光纤线路......”
他将这一过程与现代和古代城市的住房和公共服务综合体的服务进行了比较。
他说:“欧洲最看重的是其古老的生活方式,中国最看重的是技术。看看中国:城市、道路——一切都是新的。如果你看看美国、欧洲的老城市,俄罗斯的很多城市,都有古老的建筑、美丽的古典风格、石雕。但从技术上讲,这些建筑已经过时,它们的供暖系统无法像现代建筑那样运作,必须让其适应。互联网也是如此。”
苏雷士瓦兰·拉马达斯表示,如今正在迎头赶上的国家通常都拥有新的互联网基础设施,而以前大规模普及互联网的国家已经开始花钱更新甚至完全更换基础设施,因为这一技术发展周期不超过10年。因此今天一些亚洲国家在互联网发展方面也已领先于欧洲。
这位马来西亚专家说:“东盟正在追赶中国,我们也在积极快速发展的科技领域追赶。南亚国家——印度、孟加拉国、巴基斯坦——也开始积极掌握运用新技术。他们保留旧的,但也开发新的,试图保持平衡。这是一个令人惊叹的时代,年轻人现在正埋头于老一辈人无法想象的事业中。”
苏雷士瓦兰·拉马达斯在与卫星通讯社记者讨论新技术的影响时指出,人工智能等技术正在改变我们对信息的认知。
他说:“对于今天的年轻人来说,瞬时即可获取信息。现在,如果我需要写一份报告,只需要五天的时间。而10年前我不得不花一年的时间来做同样的事。”
他强调,如果说技术被看作给我们带来新机会和新感知的工具,那么这种新的现实就不是威胁,而是机遇,因此没有必要害怕它们。你必须接受它们并享受它们。
乌镇世界互联网峰会自2014年开始举办,旨在探讨和讨论互联网技术、网络安全领域的迫切问题及其对经济社会的影响。会议为促进全球互联网环境和谐发展提供了思想和策略交流的平台。
--the only problem is masters cant put down to be masters manner, same as spouse cant put down all his jobs carrier as manager manner. he wanted to prove he did things right so cant see the reality, cant feel people dont like 高高在上的颐气指使 manner.
ps 颐气指使 最早出自于东汉·班固《汉书·贡禹传》“家富势足,目指气使。”
宋·司马光《资治通鉴·唐纪·昭宣帝天佑二年》:“见朝士,皆颐指气使,旁若无人。”
后人据此总结出成语颐指气使
成语故事 《资治通鉴》记载,唐昭宗天祐二年(905年),身为节度使的朱温杀了宰相崔胤以后,强迫昭宗迁都。但是,朱温还不放心,让他的心腹李振去洛阳监视唐昭宗及其臣僚。李振是怎样一个角色呢?据史籍记载,“李振屡举进士,竟不中第。故深疾缙绅之士”。原来这是个不好好读书一直考不上功名,从而特别痛恨读书当官的人的人。后来,他投靠了朱温,一步登天,竟成了监察皇上和百官的朱温代理人。朱温自己也常以天显异象来彰表威望,传说朱温出生的那天晚上,天显异象,“所居庐舍之上,赤气上腾”,很远的地方就能看到一 片红光。邻居都以为朱温家宅失火了,纷纷提着水桶,端着脸盆,赶快到朱家救火。不料跑到朱家门口一看,一切平静如常,什么事情也没有发生,说是天显神灵,朱家必旺。其心腹李振更是卖力地宣扬,他媚上欺下,对人刁滑无礼,下属一见到他都缩紧了头颈,表现出很害怕的样子,李振这可得意了,“振每自汴至洛,见朝士皆颐指气使,旁若无人”。(《资治通鉴》昭宗天祐二年)后人评论说,“以颐指麾,以气使令,言其怙朱全忠(朱温)之劫而肆其骄豪也”。
成语用法
颐指:动下巴示意,指挥别人;气使:用神情气色支使人。不说话而用面部表示表情示意。颐指气使的意思是形容有权势的人指挥别人的傲慢态度。联合式;作谓语、宾语、定语;含贬义。 [1]
运用示例
唐·元稹《追封李逊母崔氏博陵郡太君》:“今逊等有地千里,有禄万钟,颐指气使,无不随顺。所不足者,其唯风树寒泉之思乎!”
a DDoS attack targets websites and servers also impact ...
Udn 部落格 https://classic-blog.udn.com › amt...·7 days ago (ie 5/10-5/11/2025 cant visit router admin website the logs showed DDoD attacked internet provider and our 2 notebooks which also messed up logs date after can visit)
— ... 149.75.231.61:57241 208.59.247.45:53. DoS attack: TCP- or UDP-based Port Scan] from 208.59.247.45, port 53 1 Sun May 11 04:03:58 2025 149.75 ...
--which i also posted in here 360doc.
so searched [ip address what is 149.75.231.61?] got: The IP address 149.75.231.61 is associated with the Internet Service Provider (ISP) Google and the organization Google LLC. Its also likely associated with a hostname related to Google.
visited [https://www.whois.com/whois/ and typed 149.75.231.61:57241] showed: Whois IP 149.75.231.61
Updated 14 hours ago (ie 5/17/2025 around 10am period now here is 5/18 12:50am) spouse called the company 5/17 11:12am complained internet cant connect after ourself tried hardware reset router, and changed strong password, set up....
...NetName/Organization /OrgName [our internet provider]
...Comment: For all abuse issues, please contact email@rcn.com
--the question is without reading this report wont know we were abused but called the company 5/7? that declared $70+/mm renting the company router can get help. until 5/10-5/11 cant visit rounter admin website, 5/17 even worse cant connect wifi.
the weird is the end of report on the bottom showed [%ok] ps i wanted to post the report but not sure whether against whois.com agreement i signed. it also remind me not just 2023 every year toward Sep-Nov we suffered internet frequently broke and they sent tech to examine but found nothing wrong indoors, 2 times declared the wiring either connected to wrong in their box hanged with nearby pole power line or replaced our underground wired(which replaced twice after 1st time installed in 2021), last year declared rusted in connection box hanged in our outdoor wall.
we was xfinity client from 2017-2021 and ATT 1996 (spouse bought the house)-2013, then 2013-2017(moved to current house) they only installed lines once until our neighbour snow shovel guy hit our outdoor wall box and xfinity didnt in time fixed the broke box which caused internet frequently broke.
5/19/2025 visited router admin website advanced>administration> logs and event log which quite good didnt see DDoD attack again except one time DoS attack my notebook as:
[DoS attack: IP packet w/MC or BC SRC addr] from 207.172.19.255, port 0
1 Sun May 18 22:25:27 2025 192.168.0.xx:0 207.172.19.255:0
also verified wireless channel that better than before didnt see weird others WiFi stick to our 2.4GHz channel, but one unknown stick to our 5GHz channel (now disappeared). hoping it keeps the normal way.
searched [is it normal DoS attacked and target at my notebook one time yesterday?] got:
Its not "normal" in the sense of being expected, but its also not entirely uncommon for a device with an internet connection to be targeted by a DoS (Denial of Service) attack. DoS attacks aim to make a device or service unavailable by overloading it with traffic. While a single attack might seem unusual, the frequency of such attacks, even on individual devices, is high.
Elaboration: DoS Attacks are Common: DoS attacks are a persistent threat, with numerous attacks happening daily.
Targets: While websites and services are the most common targets, individual devices like notebooks can also be targeted.
Frequency: Even a single device with internet access can be targeted multiple times daily, with some estimates suggesting an average attack every 39 seconds on an application with internet connectivity.
Impact: The impact of a DoS attack can range from temporary slowdowns to complete unavailability of the device or service
How long does a DDoS attack usually last? There are many types of DDoS attacks, including volumetric attacks, state-exhaustion attacks, and application layer attacks. On average, DDoS attacks are fairly brief, with more than 60 percent of attacks lasting fewer than 10 minutes.Aug 5, 2024
--examined WAN setup, [ Disable Port Scan and DoS Protection] was unknown changed from unmarked to marked. this is 2nd time i found weird thing, so now i unmarked and click apply at 5/19/2025 12-51pm
--examined Guest Network which i always disabled, enabled security WPA2-PSK [AES] but now it shows marked Enable SSID Broadcast; Security Options - Profile None for both 2.4 and 5 GHz. isnt very weird can change our setting? so i unchecked and select security as WPA2-PSK [AES] also set Passphrase (password) click apply at 5/19/2025 1-00pm, verify in the evening see any one control our router admin device today.
--USB storage and Media Server setting was normal didnt malicious changed. that is my 神操作 to forbid readyshare
--i did backup settings to make a copy of current settings at 1-09pm that can prove if needs for internet service company reference.
--i didnt know how to set remote management to only my notebook IP address which disallowed by router admin. the help center shows:Select Only This Computer to allow access by only one IP address. --which i use my notebook IP address didnt succeed. however i did disable Turn Remote Management On (HTTP)/(HTTPS)
---------------updated 5/19/2025 8-45pm
PS figured out to stop DDoD [SYN Flood] attacked our notebook by :
1. router admin>advanced>administration>logs made a copy than in notepad searched [SYN Flood] which attacked our 2 notebooks IP address and wrote down [our notebook IP address]:33029 and the max number 51959
2. seached [what is SYN Flood?] A SYN flood is a type of denial-of-service attack where an attacker sends a large number of TCP SYN packets to a server, without completing the connection handshake. This overwhelms the server, preventing it from accepting legitimate connections.
--that might be why router admin website broke down. but can visit other websites after 5/10-5/11/2025 attacked. until we did hardware reset.
SYN Flood Attack: In a SYN flood, the attacker sends many SYN packets without sending the final ACK. This leaves the server with a large number of half-open connections.
Resource Exhaustion: The server has to keep track of these half-open connections, consuming valuable resources. This can eventually overwhelm the server, making it unable to respond to legitimate requests.
Denial of Service: By exhausting the servers resources, the attacker effectively denies legitimate users access to the server.
3. router admin>advanced>security>block service
services blocking : always [marked]
service table : click add entered Service Type[SYN Flood] Port [TCP: 33029 ~ 51959] IP [our 2 notebooks ip address range], in the future other DDoD attacked can continue adding. ps i may wrong but at least an example how to fill the form. as those attacked internet provider or router companies they can solve by their problems if they didnt then we might switch to other companies. why should we pay their problems. Just received router company notified (Reinstatement fee) $22 extra for warranty expired if extend warranty. the question warranty only for hardware parts failed not including solving MS updated caused a mess, DDoD attacking.
just searched [genie i disabled media server in admin but why media server still showed in netgear genie PC version ?] got: Its possible that the Netgear Genie PC application is not correctly reflecting the changes made to the media server settings in the routers admin interface. Thiscould be due to the Genie app having its own independent settings or not fully synchronizing with the router settings
....
Uninstall and Reinstall Genie App: If the issue persists, consider uninstalling and reinstalling the Genie app to ensure a clean configuration.
ps spouse would be nerve break down again, wait after he sleep then turn off my notebook and router then restart as suggestion to see whether can sync correctly, if not then uninstall, reinstall Genie app PC version with a highly risk. you see it is router company made caused the problem. i just bought mine last year didnt know readyshare , and media server traps. the router also bought less than 2 years ago which discontinue maintainence. Trump should force all products with apps, windows OS must label their expiration dates or buyer can get same warranty years bagin the date purchased not the company published especially MS windows.
............................
--i havent adding block sites that was erased by hardware set. and few not knowing how to do such as ipv6, Dynamic DNS, disable Allow Remote Access By: everyone (ps i would say the worst default cant disable)
however router admin BASIC showing Readyshare no USB drive, Guest Network Not enabled can really forbid some one malicious modified my setting?
5/19/2025 2:55pm caught a weird cell phone 88:xxx which is quickly disappeared before can copy ip address, suddenly showed in file explorer network (usually disabled in windows settings>advanced sharing settings > network discovery OFF but to make sure no weird unknown device hooked our network then temporily turned ON. ) immediately verified router admin logs which found DDoD attacked returned back and this time one time attacked spouse notebook as: [DoS attack: SYN Flood] from 68.67.181.103, port 443 1 Mon May 19 18:35:59 2025 192.168.0.xx 68.67.181.103:443; the rest target at our internet provider
--serached [what is 68.67.181.103?] got : 68.67.181.103, 2024-12-19 08:49, 2025-02-03 12:26, AS29990 appnexus inc, country flag United States. Whitelisted, nym1.ib.adnxs.com, A, 68.67.181.230, 2024-12- ...
ie appnexus inc so searched [what is appnexus inc doing?] got:
AppNexus is a technology company that focuses onproviding programmatic online advertising platforms. It was originally a demand-side platform (DSP) and supply-side platform (SSP) but has since been acquired by AT&T and is now part of Xandr, which was later acquired by Microsoft. Currently, AppNexus is involved in various aspects of the digital advertising landscape, including:Cloud-based software platform, Marketplace, DSP and SSP,Ad serving,Data management and optimization,Audience extension,Directly negotiated campaigns.
--spouse daily watched video shows the only possibility related is Marketplace and Ad serving that videos frequently interrup by adv.
i dont know why a weird cell phone device 88:xxx hooked our network for which router admin cant find but file explorer network. the most strange is PC netgear network map and file explorer network showed readyshare and media server symbols on my pc but after the weird cell phone disappeared both also dropped off. what does it mean? the person/company so eagerly insist turn our pc into media server and cant kick off readyshare.
didnt the company know DDoD attacked or it is the person use its device (cell phone like symbol) issued DDoD attacked spouse notebook?
This is why i disallowed any new fuction/app we dont use such as readyshare or media server because they service for adv. companies which fill with unknown virus embeded. same as Google cant stop dirty sex websites pretended unknown 1-773-872-3783 called us. ps searched [1-773-872-3783] only showed my 2 articles as [
will donotcall blockade 1-773-872-3783/4059 or else ...] 4 days ago — Residents of the Northern District of Illinois receiving these scam calls should report the calls to the FBI Chicago Field Office and file a ...and
[will donotcall blockade 1-773-872-3783/4059 or else, related to DDoD atteacked on 5/10-5/11/2025? 2025/05/16 15:09:17. 瀏覽:3. 军事博主谈英军在阿富汗非法杀戮 ...
PS 5/19/2025 do not click Google searched mine posted papers in case unknown virous hided, it could be a fishing....
isnt Google finally did right thing to dropped off fishing websites which blackmailed me for visited those dirty websites (i had to find out who is 1-773-872-3783/4059 called us, didnt know they all are dirty sex websites to black/blackmail tiktok).
corrected : caught it as: full_gminfo36_ga MAC address 88:5a:85:bb:43:d6
manufacturer :gm; model and model number : gminfo36
searched [what is gm which hooked in my file explorer network?] N/P but another poster: What is gminfo3? gminfo3 indicates a general motors infotainment system by harman... were on the 4th floor, and dont have a car... indeed our wifi connection cannot be reached from outside as its too far up.Jun 9, 2020
searched [what is gminfo36 which hooked in my file explorer network? ] showed :
Strange device in Networks on Windows (Home Network) from Reddit · r/techsupport 10+ comments · 4 years ago (ie in 2021)
I was trying to set up WSL for my development work and noticed an odd device in the Windows "Networks" tab in file explorer. Its there for about 5 seconds and ...
Random devices on my network displayed in Windows ... from Netgear https://community.netgear.com › General-WiFi-Routers Jun 24, 2018 — Random devices that i did not connect to my network are popping up under the Network section of Windows Explorer. However, when i check on ...
--obviously Netgear router company already knew so why didnt allow user to disable readyshare, media server and disable Allow Remote Access By: everyone?
from my collected evidence it is all about MS file explorer network very bad design and pretended it is good for users name but caused DDoD attacked users pc or other devices. shouldnt MS be responsible ?
ps i didnt want to click those popped up websites in case virus hided in those posters papers. but to let more people understand so i copy/pasted here:
R0BBYMALZ Guide Jun 24, 2018: Random devices on my network displayed in Windows explorer under the network section
Random devices that i did not connect to my network are popping up under the Network section of Windows Explorer. However, when i check on my Netgear Router settings, none of these devices appear anywhere. They dont appear on the list that shows what is currently connected and they are not on the list that shows devices are not connected but once were.
I dont understand how these devices are on my Network. And Im not sure if this is just an issue with Windows 10. Even after changing my router password, these devices still remain "connected"
These are 2 items that have popped up
1) Car-1b44:
Manufacturer: DENSO, Manufacturer webpage unavailable
Model: Honda Generation 1 mid grade, model webpage unavailable
Model Number: Generation 1 mid grade
Device webpage: Presentation webpage unavailable
Serial number: unavailable
MAC Address: a0:cc:2b:08:1b:43
Unique identifier: unavailable
IP address: unavailable
2) Sitara
Manufacturer: TI, manufacturer webpage unavailable
Model: Wilink, model webpage unavailable
Model number: wl18xx
Device webpage: presentation webpage unavailable
Seriap number: unavailable
MAC address: 50:f1:4a:ad:ca:76
Unique identifier: unavailable
IP address: unavailable
....R0BBYMALZ Guide Feb 08, 2019 : I do believe I found a potential solutions after doing some research about this issue. "Research" was in fact suggested by another user so heres what I found
Here is the link to another forum on Netgear Community of a user who also experiences this issue as well as someones response to their question
https://community.netgear.com/t5/Nighthawk-WiFi-Routers/Random-device-appearing-under-Network-in-Windows/m-p/511457#M15445
Re: Random device appearing under Network in Windows?
That is a WINDOWS bug... All my computers would show a phone connected to the network. Router access list would not. Explorer wouldnt show it on the network either.
Others have posted about this as well on the web, http://www.eightforums.com/network-sharing/12630-someones-phone-connected-my-network-why-how.html.
http://answers.microsoft.com/en-us/windows/forum/windows_8-networking/unknown-phone-appears-as-a-con...
http://community.virginmedia.com/t5/Wireless-Networking/Unknown-devices-showing-in-windows-8-network...
As the last one shows, it is probably due to Windows Connect Now Service:
===========
WCNCSVC hosts the Windows Connect Now Configuration which is Microsofts Implementation of Wi-Fi Protected Setup (WPS) protocol. This is used to configure Wireless LAN settings for an Access Point (AP) or a Wi-Fi Device. The service is started programmatically as needed.
===========
I just disabled that service and no longer see this. I can only surmise that it senses a phone nearby and remembers it. In my case they tend to disappear within minutes and properties only show a MAC address, it never connects.
Message 5 of 5 2 Kudos
--what i felt about it? i dont think there is a sollution can stop it as usual , isnt it is MS back door puropose, that any MS bug hardly really solved, found bug in Jun 24, 2018 till today 5/19/2025 still existing, neither router company nor MS improved at all, very likely it became masters one of threaten weapons. i bet all paied attention to their File explorer network popped up unknown devices felt very unconfortable as me that didnt feel safe at all and worry data files stolen by those hooked unknown bastards.
searched [what is WCNCSVC ?] WCNCSVC stands forWindows Connect Now - Config Registrar. Its the service that hosts Microsofts implementation of Wi-Fi Protected Setup (WPS) protocol, which is used for configuring wireless LAN settings for access points or Wi-Fi devices.
searched [how to block WCNCSVC service?]
To disable the WCNCSVC service (Windows Network Connectivity Service), you can use either the Services console or the Command Prompt.In the Services console, locate the service, right-click, and select "Properties," then set the "Startup type" to "Disabled". Alternatively, you can use the command
sc config WCNCSVC start= disabled
in an elevated Command Prompt. Restarting your computer will apply the changes.
--cant find in my Services console so use cmd as:
C:\Windows\System32>sc config WCNCSVC start= disabled
[SC] ChangeServiceConfig SUCCESS
--really hoping it solve the problem as R0BBYMALZ Guide. UPDATED: it didnt and in my file explorer popped up new Generic network connected device 28:xxx and Car-9f28 manufacturer DENSO model & number Honda Generation 1 mid grade 44:91:60:73:9f:28
--it is all about adv to make router company and MS explorer earn the money. i did try to post in R0BBYMALZ Guide but it showed SOLVED and seemed closed that disallow any new poster adding in. popped up [https://accounts2.netgear.com/login?clientId=5eaghuk1i3grv0kf2jakrucakj&redirectUrl=https:%2F%2Fmy.netgear.com%...] to login but after typed user and password click submit wont work.
isnt extreamly sacrely they control our HD file explorer but can run away DDoD attacked user PC?
------------------------
专家解释为何中国和亚洲发展中国家在互联网基础设施建设方面比美欧更有优势 2024年11月21日, 23:01
评论
马来西亚科技大学教授、IPv6论坛副主席苏雷士瓦兰·拉马达斯对卫星通讯社表示,与发达国家相比,中国和其他亚洲国家在互联网基础设施建设方面处于优势地位。他表示,亚洲国家由于互联网发展起步较晚,能够越过某些技术发展阶段,按照最新标准建设基础设施。
11月21日第十届世界互联网大会乌镇峰会在乌镇举行“未来数字”论坛。专家们齐聚一堂,讨论了互联网的未来、发展途径、网络安全问题,以及人工智能(AI)等新技术的引入。
论坛发言人之一,马来西亚科技大学教授苏雷士瓦兰·拉马达斯在接受卫星通讯社采访时称:“中国的情况比一些发达国家好,甚至东盟的情况也比它们好。如果您问我的看法,最大的原因之一是基础设施。以日本等较早引入互联网的国家为例:它们依然拥有较旧的基础设施、铜缆、较旧的路由器。最近搭乘这列火车的国家跳过了这些阶段,它们正在基于新技术从头开始做这一切,它们正在到处铺设光纤线路......”
他将这一过程与现代和古代城市的住房和公共服务综合体的服务进行了比较。
他说:“欧洲最看重的是其古老的生活方式,中国最看重的是技术。看看中国:城市、道路——一切都是新的。如果你看看美国、欧洲的老城市,俄罗斯的很多城市,都有古老的建筑、美丽的古典风格、石雕。但从技术上讲,这些建筑已经过时,它们的供暖系统无法像现代建筑那样运作,必须让其适应。互联网也是如此。”
苏雷士瓦兰·拉马达斯表示,如今正在迎头赶上的国家通常都拥有新的互联网基础设施,而以前大规模普及互联网的国家已经开始花钱更新甚至完全更换基础设施,因为这一技术发展周期不超过10年。因此今天一些亚洲国家在互联网发展方面也已领先于欧洲。
这位马来西亚专家说:“东盟正在追赶中国,我们也在积极快速发展的科技领域追赶。南亚国家——印度、孟加拉国、巴基斯坦——也开始积极掌握运用新技术。他们保留旧的,但也开发新的,试图保持平衡。这是一个令人惊叹的时代,年轻人现在正埋头于老一辈人无法想象的事业中。”
苏雷士瓦兰·拉马达斯在与卫星通讯社记者讨论新技术的影响时指出,人工智能等技术正在改变我们对信息的认知。
他说:“对于今天的年轻人来说,瞬时即可获取信息。现在,如果我需要写一份报告,只需要五天的时间。而10年前我不得不花一年的时间来做同样的事。”
他强调,如果说技术被看作给我们带来新机会和新感知的工具,那么这种新的现实就不是威胁,而是机遇,因此没有必要害怕它们。你必须接受它们并享受它们。
乌镇世界互联网峰会自2014年开始举办,旨在探讨和讨论互联网技术、网络安全领域的迫切问题及其对经济社会的影响。会议为促进全球互联网环境和谐发展提供了思想和策略交流的平台。
--the only problem is masters cant put down to be masters manner, same as spouse cant put down all his jobs carrier as manager manner. he wanted to prove he did things right so cant see the reality, cant feel people dont like 高高在上的颐气指使 manner.
ps 颐气指使 最早出自于东汉·班固《汉书·贡禹传》“家富势足,目指气使。”
宋·司马光《资治通鉴·唐纪·昭宣帝天佑二年》:“见朝士,皆颐指气使,旁若无人。”
后人据此总结出成语颐指气使
成语故事 《资治通鉴》记载,唐昭宗天祐二年(905年),身为节度使的朱温杀了宰相崔胤以后,强迫昭宗迁都。但是,朱温还不放心,让他的心腹李振去洛阳监视唐昭宗及其臣僚。李振是怎样一个角色呢?据史籍记载,“李振屡举进士,竟不中第。故深疾缙绅之士”。原来这是个不好好读书一直考不上功名,从而特别痛恨读书当官的人的人。后来,他投靠了朱温,一步登天,竟成了监察皇上和百官的朱温代理人。朱温自己也常以天显异象来彰表威望,传说朱温出生的那天晚上,天显异象,“所居庐舍之上,赤气上腾”,很远的地方就能看到一 片红光。邻居都以为朱温家宅失火了,纷纷提着水桶,端着脸盆,赶快到朱家救火。不料跑到朱家门口一看,一切平静如常,什么事情也没有发生,说是天显神灵,朱家必旺。其心腹李振更是卖力地宣扬,他媚上欺下,对人刁滑无礼,下属一见到他都缩紧了头颈,表现出很害怕的样子,李振这可得意了,“振每自汴至洛,见朝士皆颐指气使,旁若无人”。(《资治通鉴》昭宗天祐二年)后人评论说,“以颐指麾,以气使令,言其怙朱全忠(朱温)之劫而肆其骄豪也”。
成语用法
颐指:动下巴示意,指挥别人;气使:用神情气色支使人。不说话而用面部表示表情示意。颐指气使的意思是形容有权势的人指挥别人的傲慢态度。联合式;作谓语、宾语、定语;含贬义。 [1]
运用示例
唐·元稹《追封李逊母崔氏博陵郡太君》:“今逊等有地千里,有禄万钟,颐指气使,无不随顺。所不足者,其唯风树寒泉之思乎!”
你可能會有興趣的文章:
限會員,要發表迴響,請先登入
