Is it possible to track back someone who DDoS me and changed his IP address?

hacker-experience

So I logged in this morning and someone had DDoSed me. Luckily it only affected one of my five servers. The guy didn't even dare to delete the list of zombie servers he used to DDoS me from my logfile, but changed his IP address.

Is there a way I can trace back to him? Is the nmap analyzer built in a way that I can use it on his zombie servers to find his new IP, or it'll only log people connected as root?


Solution 1:

No, you can not find him.

When you get a new IP address from the ISP, there is no link between the old and new IP. There is no way to get the new IP address from the new address. That is what the IP reset is for: giving you a fresh start.

Solution 2:

Onto Lars's answer, in general no.

But if the guy was stupid enough to upload and install a virus onto your server, then his next DDoS attack would be logged on your server.

Secondly, if you still have the list of IPs from the DDoS result, try going on one of those IPs and check thier logs and see if that same guy DDoS'd someone else.

And I have no bet he is going to come back and DDoS you again.

Related

What cross-game connectivity is there between Civilization: Beyond Earth and Starships?
What happens when you're really plagued by a popular song but you have no weasels to pop?
Is there a way to view known blueprints without an empty upgrade slot?
Does Legendary Armour Benefit a Companion?
Is it possible to win Castle of the Winds without the teleport spell?
Where are the RadScorpions?
Is there a good reason to collect all the treasure chests?
What triggers "time gems" in lightning-mode?
How do I build lengthwise multi-platform stations?
Use of eval() in local program
how to tell if a screen is add or change in django admin
Why Golang random numbers are not random [duplicate]