I don't know what to do. i've been skyping him to stop. I got his ip from a skype resolver. But how do I Report the ip? And How Do I secure my DD-WRT Router(The Router Has Linux. it runs a third-party firmware) so it will be stronger to these attacks he's throwing out.... He's got my ip. all my computers runs Linux no windows. please help me

Program the router to DROP the packets. You should be able to use the router's interface to do it.

Hi,

If you have the violator's IP then do from 'cli' a 'whois xxx.xxx.xxx.xxx' where xxx is the violator's IP. You should get back something like;'yyy' is the end range. You would then report via email to 'abuse@someDomainName.type' the IP and any actions performed by the violator. If you have any logs then attach to the report. Include any relative information for this violation. ISP providers do take these incidents very seriously.

Hope this helps.

where about in Australia are you

How does asking such a question help the OP?

How long has this been going on?
What tools did you use to determine backdoors are placed?
Can you show us any relevant log file excerpts?

If he's got a backdoor, why does he need to bruteforce his way "in"?

Australia has laws just like other nations. After you drop him, Contact the ISP, submit a log with the infractions, and let them handle it.

Chances are it's not a hacker himself but a zombie unit being used by a botnet.

I would like to remind all jumping in that in the LQ Security forum we favour factual, unambiguous information over "thinking", "worrying" and gut feeling in order to avoid potential false positives and problems cause by Something Else Completely.

1 members found this post helpful.

What to do?

This depends on what you want to do.
Do you want to forensicly get all the proof you need, how what where when who to report him or just save your system?

I would just disconnect, reinstall from backup, if you have one.
Or just backup config files you need.

If you have another router, connect it, reboot modem and this will give you a new ip if you have dynamic ip from a cable provider or similar.
Usually, if a dynamic ip is what you have a simple macchanger -r eth0 will give your linux router eth card a new mac, thus, a new ip, just remember to reboot the modem.

Just reinstall.


If you want to go the forensic route, there are plenty of us here who can guide you camly through the process' and steps to do so.
this will at least let you know what was added and changed hopefully so you can ignore this areas upon saveing for reinstall.is depends on what you want to do.
Do you want to forensicly get all the proof you need, how what where when who to report him or just save your system?

I would just disconnect, reinstall from backup, if you have one.
Or just backup config files you need.

If you have another router, connect it, reboot modem and this will give you a new ip if you have dynamic ip from a cable provider or similar.
Usually, if a dynamic ip is what you have a simple macchanger -r eth0 will give your linux router eth card a new mac, thus, a new ip, just remember to reboot the modem.

Just reinstall.


If you want to go the forensic route, there are plenty of us here who can guide you camly through the process' and steps to do so.
this will at least let you know what was added and changed hopefully so you can ignore this areas upon saveing for reinstall.