How to Protect Your Modem from a Denial-of-Service

A Denial of Service (DoS) attack denies a user the access to his device or network. Although a Denial of Service attacker could target anyone, online gamers, e-commerce websites, and Forex traders are most vulnerable to the attacks. This article shows you how DoS attacks may affect modems and how you can protect your modem.

How a DoS works

A DoS (Denial of Service) works much like a DDoS (Distributed Denial of Service). The only difference is that a DoS is launched from a single computer using a single internet connection, while a DDoS is initiated from multiple internet connected devices or computers and may use more than one internet connection. DoS or DDoS come by different names, depending on their mode of attack. Examples include the SYN Flood, Smurf, Ping of Death and so on.

Denial of Service attacker would bombard a device or network with fake traffic or resource requests. This bombardment floods the victim’s system and blocks out legitimate resource requests. In some instances, an attacker forms a botnet that takes advantage of several other internet connected devices and IPs from unsuspecting internet users to cause a Denial of Service. In this case, we call it a Distributed Denial of Service (DDoS).


In recent times, especially since 2016, reports of IP hijack have been frequent. You can easily find IP addresses on specialized search engines like Shodan, just as quickly as you’d call up web pages on Google. Who knows, you just might be on someone’s naughty list.

Attackers have given many reasons for their Denial of service attacks. Hackers may attack a target because they disagree with their victim’s ideas, or want to take out the competition, or are in cyber warfare, and merely want to extort their targets.

On October 21, 2016, someone took advantage of a Mirai botnet where 100,000 devices were used to attack Dyn which made it difficult for them to connect with customers. Spotify, Etsy, Twitter and some other such big websites went off for some hours in the process. Others attacks include the cases of Rio Olympics, Clinton, and Trump Campaign, to mention a few.

How to Detect a DoS Attack Against a Modem


To attack a modem, an assailant targets your IP address. The only way to know that you’re under attack is that your internet connection goes off for no reason. To determine if it is an attack and not just another malfunction, you can follow these steps:

  • Unplug your modem from its power source and the network cable.
  • If you’ve directly connected your modem to your computer, turn off your computer.
  • Allow everything to stay off for at least five minutes.
  • Plug everything back in and then turn them on.

Call your ISP if your internet disconnection persists. Most ISPs will guide their customers through a troubleshooting session to find out if an attacker is, indeed, sending them malicious traffic or resource requests.

How to Protect Your Modem from a DoS Attack


Prevention is always better than cure. Certain things are not curable – so you’d instead prevent the damage. You can protect your modem using a virtual private network (VPN), a secure Firewall, or a mix of both VPN and Firewall – if they work together.

Virtual Private Network (VPN)

The most potent way to prevent a DoS attack on your modem would be to use a VPN. The software hides your real IP address by connecting you to external servers located in remote places across the globe.

A VPN can also protect your modem’s internet connection, thereby averting a DoS attack. When an attacker floods a target with malicious traffic, a VPN absorbs the traffic and makes it difficult to for him to reach the destination directly.

Antiviruses and Firewalls

Yes, a determined hacker may bring down the defenses of an antivirus or anti-malware software and firewall, but it’s good for your initial line of defense. At least, an antivirus program would stop hackers from efficiently detecting your IP. Another benefit of your defense software includes protecting you from being a target if an attacker launches a DDoS attack on gaming servers that you use.


You don’t want your device being used as a botnet to attack other people. Your antivirus and firewall protection can be helpful here, by preventing Trojan viruses from recruiting your device. Install a firewall on all the computers connected to your network, and ensure they download updates automatically.

If you use Windows, you may consider Microsoft Security Essentials. Kaspersky, AVG, Norton, and Avira all have antivirus software for both Mac and Windows. Sophos covers Mac, Windows, and Linux. Other Linux antivirus programs include Comodo and ClamAV.

How to Fix a DoS Attack on Your Modem

Let’s face it. You may not be so lucky to prevent an attack before it happens. If you’ve been unfortunate to be under attack already, then it’s best that you obtain a new IP address. Getting a different IP address from the one under attack is useful because attackers usually configure their botnets to work automatically. Assailant’s botnet keeps attacking your old IP for as long as it’s active online.

Change your IP address straight from your ISP

If you can still connect to the internet while under attack, this is a good way to change the IP address your ISP automatically assigned your computer.


  • Verify what your IP address is from a site like
  • Unplug your modem completely.
  • Since different ISPs have varying expiry time for their IP addresses, you might have to leave your modem unplugged for 10 minutes to 12 hours to be sure that the existing IP has changed. Use the site in step one above to verify if you now have a new IP address. Please note that WhatismyIP may NOT work if your VPN is turned on.

Resetting your Modem’s IP address on Windows

1. Open a command prompt.


2. Type in the command:


You’ll get something like this:


3. Type

as seen in the prompt window in the image below. Hit the Enter key and wait for a short while for your DHCP server to assign your computer a new IP address.



Resetting IP address for Mac

1. Go to your Apple Menu and select System Preferences.


2. Click on Network to select your Network from the DHCP services listed.


3. Select Advanced on the left side box when you click on WiFi or Ethernet (depending on the one you’d used) and go to TCP/IP.


4. Now select on “Renew DHCP Lease.” Configure IPv4 uses DHCP by default.


You may need to restart your computer or modem after making these changes for the changes to take effect.

Upgrade or change your modem

This step is the last resort if everything else fails. If your modem is significantly out of date, upgrade its network security by asking your ISP (or Google) for guidance. Or buy a new modem altogether.


You don’t have to have a business or a company to be attacked with a Denial of Service. Someone might just be practicing his hacking strength and decide to pick your IP to test their skill. In short, the best form of protection is prevention. Resetting your IP can only give temporary relief from attackers. It is best to use a VPN to protects your IP address and internet data traffic from attackers.

Nicholas Godwin Nicholas Godwin

Nicholas Godwin is a technology researcher who helps businesses tell profitable brand stories that their audiences love. He's worked on projects for Fortune 500 companies, global tech corporations and top consulting firms, from Bloomberg Beta, Accenture, PwC, and Deloitte to HP, Shell, and AT&T. You may follow his work on Twitter or simply say hello. His website is Tech Write Researcher.


  1. I notice you do not provide guidance on how Linux users would change their IP address. Is that because you assume that Linux users are so well versed in computers that they do not require your help? Or is it because you don’t know how to do it yourself?

    Are you talking about static or dynamic IP addresses being attacked?

  2. Perhaps I am missing something here, but I don’t believe that changing a private IP address (found only on your internal network — not on the public internet) would be of any benefit in stopping the impact of a DOS attack. Those attacks are aimed at public IP addresses, so they would target your internet appliance or DSL modem or the public IP of your router, NOT your individual computer. The already suggested method of shutting down public internet access for a period of time is the approach that could potentially work.

  3. BobK is correct. These instructions tell you router to give just the computer you are doing the steps from a new internal private IP address. It does not change the router’s external public address. To change that, you need to log in to the router’s management system (usually a web interface) and do it there. And even requesting a renewed IP is no guarantee that you’ll get a different one. Often DHCP will reserve IPs and always issue the same one to a specific MAC address or customer’s account. So though it is technically dynamic and it isn’t guaranteed that you’ll keep a static address, which usually you need to pay extra for, you’ll effectively have a static one.

    And though it won’t help in this circumstance, this page talks about renewing an IP lease for linux:

  4. Hello to all readers,

    First of all I must say that I agree with BobK. If you want to stop the attack immediately is to change your MAC address of your router.!!! Of course in some cases the ISP of yours will give you a new one or you will be completely out of the Net for good. If the second occurs then you have to call your ISP to re provision your modem/router. This means to assign you a new public IP address. BUT you will have also a problem in your private network as well.Here you have to manually change things yourself because if you have configured NAT port forwarding rules , you have to do them again from the beginning.
    Decent hardware companies like TP-Link have an option in the router’s menu called “MAC Cloning” . Here you can change your routers MAC address.
    One more thing , VPN or TOR won’t save you either if someone gets your ISP assigned IP to you. An attacker can easily find out your IP from IP-mapping in your local area and DOS the entire building or apartment or house he/she wants. Of course I say again that you will not be attacked unless you piss someone off. And keep in mind , NO ONE always serf the Net behind a VPN or a TOR… eventually you will be open to the internet more than once , so ….

  5. As far as tech-advise, this is a pretty one sided look. It’s assuming you have 1 system, connected directly to your Modem (or Router/Modem combo). Most tech users are likely to have a Modem, with their own Router connected to it.
    Also, typically, you can drop and renew your IP, but if your IP isn’t at the end of its lease from the ISP, you will just get the same IP again… The only way this would stop a DDoS attack, is if you got lucky, and unplugging your Modem renewed your IP lease to a new Address.

Comments are closed.