Friday's Denial of Service Attacks


    A node on my network was participating in the attacks. My stepson got a new phone recently and for the first time I allowed him to attach to my wireless network. This past week my wife and I were away at a conference. On Thursday morning I started to get email warnings from my network that a MAC address I didn't recognize was attempting to access several websites flagged as malware sites. I had recently added one more computer to the network for him to use so I assumed it was that machine. I forgot about the phone. On Friday morning the packets increased just before we were getting on an airplane. I found out about the attacks during our layover in Atlanta. Neither the hotel nor airport wireless access was fast enough for my VPN remote access to my home to stay connected well enough to shut the network down. That is a problem that has been vexing me for a while now. We kept calling him to tell him to shut off that computer but it was going straight to voicemail.

    Apparently on Wednesday evening he went to a small party. He plugged his phone in to charge it and left it there unattended and left the party for a couple hours. When he returned there was a kid there with a laptop in a bag and my stepson thought people were acting funny around him.

    Like I wasn't paranoid enough already. They definitely installed some script kiddie **** on his phone. Unless they were complete idiots they got my wireless password out of the phone. It was easy enough to wipe the phone, toss the SIM card, and change the wireless password. I do use random passwords everywhere even within my home network. I'm sitting here shaking trying to figure out if I need to wipe everything. That would take months to recover from. They could have had two days' access into my network using the password and MAC address from the phone. Passwords not protected by access limits could have been easily brute forced in that time.

    The human link is always the weakest.

    #2
    So do you think they did something funny with his phone?

    At least with Apple, you have to "Trust" the computer you plug your phone into and if the phone is locked, no one can trust another computer even if you don't have your phone handy.

    Along with that, I highly doubt the kid at the party was hand installing stuff that participated in the DDoS attacks. The scalability of that just wouldn't work.


      #3
      I didn't have time to investigate. I was home for a day and a half and then back on the road. He only had the phone a short time and he realized something was wrong right away. It takes a couple minutes to do a factory reset - which I did before I left and they could have done, assuming he had the phone set to lock to begin with. Just as possible he surfed the wrong site and then it probably would have participated. I have no direct evidence other than the timing.
