How do you recognize a Ddos attack?

St
16

I'm firmly convinced that I was drugged yesterday.

I suddenly have an EXTREMELY high ping out of nowhere and supposedly 0.70 Mbits download speed although I was able to surf the internet very quickly via Google.

But in various online games I had a 7000 ping. I called my provider and apparently there are no problems. It was the same with my laptop as with my PC.

Are these signs of a Ddos attack? And are there any more signs of this?

st

You can expect a few attacks a day. Whoever logs it sees it himself.

But why should someone attack YOU via DOS? Are you an important company?

Sw

Just restart the router. If you want to be sure, change your Wi-Fi password

Sc

You already know what the letters in DDos stand for, don't you? Small tip, s stands for "service".

Your computer has probably pulled an update.

Or your entire neighborhood was watching Netflix at home - Thanks Covid-19.

Ri

How long have you had the problem? Could possibly have been a DDoS attack, but I don't assume it, because it rarely affects private users.

The goal of a DDoS attack is actually to switch off an online shop, streamer, etc. Or to ensure that the money is lost.

Hardly believe that it was (providers like to say that there are no problems, so the customer believes that everything is okay)

EDIT:

Google statement:

A DDoS attack tries to cause the unavailability of an internet service by means of a targeted overload. Botnets consisting of a large number of individual systems are mostly used for the attack

May be easier to understand for a "non IT specialist".

Me

I'm firmly convinced that I was drugged yesterday.

To do this, a server process would have to run on one of your computers

can be reached from the Internet through the router (and its firewall), so ports in the firewall should be enabled and
this server process (e.g. Web server) should have been overloaded by different IP addresses at the same time due to an immense number of requests per second.

Then one speaks of a DDOS attack (Distributed Denial Of Service).

And you could read that in the log files of the relevant server program. As long as he was not completely overloaded, he should log the many incoming connection attempts.

St

So briefly the story:

A YouTuber, who is very well known in a video game, has a lot of haters and has been dosed more often. And these haters are starting the same thing with members of his community, where I have a more important place.

St

I have restarted it several times

st

Then please contact Youtube Support. Do you log the IP numbers that are accessing? If not, set it in the router.

ca

And? Then the goal would now be the Internet service for the FS, which was attacked here.

St

Had it for half an hour, but also failed to restart the router several times

St

I have no idea I don't quite understand. Log IP number? What does that mean?

ca

A server process (in addition to the processes that have to run on the router in order for the internet connection to work) does not have to run at all. It is enough to bomb the router with garbage requests. Of course, a relatively large number of attackers are required for this.

Ri

Do not know your provider etc, but if the router is restarted, the IP should also change, which means that a DDoS attack would no longer be possible (the attacker then no longer knows your new IP). Start from problems of the provider.

Me

Then the router is virtually the server. And routers also have log files, so you may also be able to read them there.

But true, the server process is then the firewall on the router, which first has to accept the connections and uses its rules to assess what to do with it.

st

If someone sends you tens of messages per second, they all come from the same IP number (i.e. That of their computer). You can have these numbers logged by the router and then determine whether it is the case that ONE IP sent many messages in a short time.

How the attacker is still working would be an area that is too extensive for here. Google helps.

For you means: Visit your router, often with

http://192.168.0.1/

and look for log files there.

Sc

It is possible, but it is much more likely that he caused the problem himself, or rather his computer.