Is it possible to track back someone who DDoS me and changed his IP address?

Is it possible to track back someone who DDoS me and changed his IP address? - Woman Standing on Train Rail

So I logged in this morning and someone had DDoSed me. Luckily it only affected one of my five servers. The guy didn't even dare to delete the list of zombie servers he used to DDoS me from my logfile, but changed his IP address.

Is there a way I can trace back to him? Is the nmap analyzer built in a way that I can use it on his zombie servers to find his new IP, or it'll only log people connected as root?

hacker-experience


Best Answer

Onto Lars's answer, in general no.

But if the guy was stupid enough to upload and install a virus onto your server, then his next DDoS attack would be logged on your server.

Secondly, if you still have the list of IPs from the DDoS result, try going on one of those IPs and check thier logs and see if that same guy DDoS'd someone else.

And I have no bet he is going to come back and DDoS you again.



Pictures about "Is it possible to track back someone who DDoS me and changed his IP address?"

Is it possible to track back someone who DDoS me and changed his IP address? - From below back view of crop strong runner walking along running track in athletics arena while doing warm up exercises during workout
Is it possible to track back someone who DDoS me and changed his IP address? - Fit runner standing on racetrack in athletics arena
Is it possible to track back someone who DDoS me and changed his IP address? - Unrecognizable woman riding train and looking out window


Can a DDoS be traced back?

People using a tool to conduct distributed denial-of-service (DDOS) attacks against other websites in support of WikiLeaks can easily be traced, according to computer security researchers.

Will changing IP address stop DDoS?

When a full-scale DDoS attack is underway, then changing the server IP and DNS name can stop the attack in its tracks. However, if the attacker is vigilant, then they might start sending traffic to your new IP address as well.

Can DDoS attack be tracked?

Yes. DDoS attacks are traceable. It is a very strenuous job to find the source of the DDoS attack or the person who started the attack, but with the right procedures and use of advanced tools, a DDoS attack can be traced back to its source.

How can DDoS attacks be traced?

Tracing one or two bots with IP traceback methods is feasible; tracking an entire botnet with 30,000 infected bots is not. As mentioned before, DDoS-ers use one or more controllers or proxies to hide behind the botnet. Attackers only use their machines to send encrypted (or obfuscated) messages to these controllers.


Someone Has My IP Address – Should I Be Scared?



More answers regarding is it possible to track back someone who DDoS me and changed his IP address?

Answer 2

Generally, if there is a long list of zombie servers, they will not go to all of them and delete their IP from all of them. It should say, on one of the IP's, "DDoS attack against (your IP) initiated by (their IP)" if I am not mistaken. But if they are on popular servers, such as someone who doesn't understand the importance of log deleting/altering, or on NPC servers, it is possible people just go on and delete all of the logs when they log on instead of just theirs. Please correct me if I'm wrong, but i believe that is how someone tracked me after I DDoS'd them.

Sources: Stack Exchange - This article follows the attribution requirements of Stack Exchange and is licensed under CC BY-SA 3.0.

Images: Ruslan Zzaebok, Andrea Piacquadio, Andrea Piacquadio, Genine Alyssa Pedreno-Andrada

Related Topics