3

There did not seem to be any SO community dedicated to computer security, so I'll ask here...

As the title implies, my home IP (supposedly) was involved in a DDoS attack.

I got a phone call from a computer technician involved in a website, who said his servers had been attacked, and that my home IP was in the logs.

I had never heard of that website before, and the guy seemed sincere. He said there had been several DDoS attacks, and he gave me a call to try and sort things out. He also complained to the company hosting his servers. He said the hosting company gave him my phone number, as there is a landline phone associated with the box.

Anyway, I don't know the first thing about IP addresses and DDos attacks. So I'll ask you:

  • can an attacker use/fake my IP address to commit a DDoS attack?
  • does it have to be someone in my neighborhood, connected to my wifi network, or can an attacker use my IP address remotely?
  • can a computer virus be responsible and attack indiscriminately?
  • can mac computers have such a virus?
  • what should I do, if such a think really did happen?

Thank you...

Manube
  • 133

1 Answers1

3

Yes, an attacker can both use and fake your IP to commit a DDoS. Crafting packets with a spoofed source IP is all too easy to do. To actually use your IP, there are several reasons - you could have a device on your network that is compromised (virus or otherwise), yes a Mac can get a virus like that, or even your Internet-facing router could be compromised. Basically, all of the fears you listed are possible.

As for what to do? I would start with reviewing your router logs and place a packet sniffer between your router and ISP equipment. If you see strange stuff originating from inside your network (especially look for stuff destined for that guy's servers), you can assess each device individually if feasible, with malware scanners and such.

armani
  • 586
  • 2
  • 8