First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

Extreme Cyber Attack Chip Level

I know who is doing it and it is a chip level cyber attack. Please see packets below All outgoing packets from my laptop to websites I wants to visit being refused by hacker from IP address of my router.

9 2023-01-29 20:23:38.304006 192.168.1.1 fedora.local DNS 76 Standard query response 0x863d Refused A ntp.ubuntu.com

119 2023-01-29 20:23:39.061863 192.168.1.1 fedora.local DNS 86 Standard query response 0xa2eb Refused PTR 1.1.168.192.in-addr.arpa

494 2023-01-29 20:23:40.798412 192.168.1.1 fedora.local DNS 76 Standard query response 0x9f93 Refused AAAA www.google.com

541 2023-01-29 20:23:41.006143 192.168.1.1 fedora.local DNS 76 Standard query response 0x6fa9 Refused AAAA www.google.com

607 2023-01-29 20:23:41.225222 192.168.1.1 fedora.local DNS 86 Standard query response 0x9bfd Refused AAAA detectportal.firefox.com

921 2023-01-29 20:23:42.077168 192.168.1.1 fedora.local DNS 89 Standard query response 0x35a7 Refused AAAA safebrowsing.googleapis.com

Please experts help me find out what should I look for and am I right it is this attack.

Thanks

aks's avatar
1
aks
asked 2023-01-29 16:06:31 +0000, updated 2023-01-29 16:07:53 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

No this doesn't look like any kind of attack. It looks like your computer is trying to use a DNS server that refuses to answer queries, which usually happens if you try to use a DNS server that only answers those coming from a specific IP range. E.g. if you're using a DNS server from an old/different ISP than your current ISP this could happen. Try setting your DNS to 8.8.8.8 to test if it works then.

Jasper's avatar
24.1k
Jasper
answered 2023-01-31 11:55:40 +0000
edit flag offensive 0 remove flag delete link
more

Comments

Okay thanks I will try. But it several times connects and giving good speed and other time it does not. Second thought ng is that I set DNS to automatic. If it is the same case you told above then is my laptop sometime use one DNS and other time another itself

aks's avatar aks (2023-02-01 14:28:14 +0000) edit
more
  • delete

I changed the DNS try both 8.8.8.8 and 1.1.1.1 No website opening still. Now I am not getting above "refused" DNS error. now lots of lots of ICMP destination unreachable. This is why I am saying my laptop and router is being controlled by hacker at chip level.
P.s. I also connected through wired tethering still not connecting.

aks's avatar aks (2023-02-01 15:14:17 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer