Suggestion Prevention Requests (DOS Attack: STORM)

Discussion in 'Hardware' started by Master LL, Oct 30, 2012.

  1. Master LL

    Master LL Private E-2

    Today, when I was just streaming on Twitch.tv, I was threatened and got hit by a DOS attack: STORM, which effectively slowed down my internet and cut me off from streaming at Twitch.tv.

    Looking through the IP log from my router, I can say it is not from my own computer network, since it is not with 197.*.*.* but rather IP addresses from China/Vietnam and other IPs (123.*.*.*, 101, 122, 117, 125, etc.).

    Code:
    [DOS attack: STORM] attack packets in last 20 sec from ip [113.236.93.7], Monday, Oct 29,2012 15:49:21
    [DOS attack: STORM] attack packets in last 20 sec from ip [113.132.188.255], Monday, Oct 29,2012 15:49:20
    [DOS attack: STORM] attack packets in last 20 sec from ip [125.115.2.66], Monday, Oct 29,2012 15:49:20
    [LAN access from remote] from 149.154.68.186:53 to 192.168.1.187:6118 Monday, Oct 29,2012 15:49:20
    [DOS attack: STORM] attack packets in last 20 sec from ip [112.229.204.179], Monday, Oct 29,2012 15:49:20
    [DOS attack: STORM] attack packets in last 20 sec from ip [101.99.3.150], Monday, Oct 29,2012 15:49:20
    [DOS attack: STORM] attack packets in last 20 sec from ip [125.38.27.205], Monday, Oct 29,2012 15:49:20

    I was wondering, looking at this sample, if there is something that is vulnerable in my network, especially the "LAN access from remote" part, since I am not familiar with what it is saying.

    Any suggestions on how I was DOSed or what measures I can take to prevent future attacks? Everything is updated in terms of security and drivers too.

    That person also threatened to "delete system 32 on my PCs" if he was banned (but I never did since I was knocked offline so Twitch.tv admins did ban him instead).

    Windows 8 64-bit
    Comcast Internet


    - LL
     
  2. Master LL

    Master LL Private E-2

    I'm sorry, I can't edit the post anymore for some reason and noticed some errors:

    - None of my IPs originate from 192.*.*.* (not 197.*.*.*)
    - I'm using Windows 7 (64-bit) not Windows 8.

    - Everything is updated (OS and other stuff like browser, Flash, etc)

    There is no malware found from MSE, NOD32, etc.

    Last did some testing with GRC.COM ShieldsUP! to test my ports and it found everything closed. BUT I am planning to test that 6118 port after work because I am not sure what it means by "[LAN access from remote]" (sounds like it gained access to my PC from that port, if that is what it means).
     
  3. Colemanguy

    Colemanguy MajorGeek

    Some routers allow remote management; make sure those options are turned off. Remote management means from the WAN side, which is what would be happening in this case.
     
  4. Master LL

    Master LL Private E-2

    Thank you for replying sir.

    I do have Remote Management off for both my Windows OS on my network and the router. I also have UPnP off too since I don't trust it too much and it makes my network vulnerable.

    After further review of the situation, it looks like Skype might be the reason... somehow someone knows my Skype user name and was able to get the IP and DDOS me.

    I looked around the web and learned that is one of the largest vulnerabilities of Skype, which is... pretty sad.
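
Added example (not part of any post in this thread): a small Python parser for the router log format quoted in the first post. It counts distinct DoS-report sources, flags any that are private addresses (which would point at a device inside the LAN), and lists the internal host and port named in each "[LAN access from remote]" entry so they can be compared with the router's port forwarding and UPnP settings. The `summarize` function and its field names are assumptions made for this example, and the regular expressions cover only the two line formats shown in the thread.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample: the router log lines quoted in the first post of this thread.
SAMPLE_LOG = """\
[DOS attack: STORM] attack packets in last 20 sec from ip [113.236.93.7], Monday, Oct 29,2012 15:49:21
[DOS attack: STORM] attack packets in last 20 sec from ip [113.132.188.255], Monday, Oct 29,2012 15:49:20
[DOS attack: STORM] attack packets in last 20 sec from ip [125.115.2.66], Monday, Oct 29,2012 15:49:20
[LAN access from remote] from 149.154.68.186:53 to 192.168.1.187:6118 Monday, Oct 29,2012 15:49:20
[DOS attack: STORM] attack packets in last 20 sec from ip [112.229.204.179], Monday, Oct 29,2012 15:49:20
[DOS attack: STORM] attack packets in last 20 sec from ip [101.99.3.150], Monday, Oct 29,2012 15:49:20
[DOS attack: STORM] attack packets in last 20 sec from ip [125.38.27.205], Monday, Oct 29,2012 15:49:20
"""

DOS_RE = re.compile(r"^\[DOS attack: (?P<kind>[^\]]+)\].* from ip \[(?P<src>[0-9.]+)\]")
LAN_RE = re.compile(r"^\[LAN access from remote\] from (?P<src>[0-9.]+):(?P<sport>\d+)"
                    r" to (?P<dst>[0-9.]+):(?P<dport>\d+)")

def summarize(log_text):
    """Split router log lines into DoS reports and inbound LAN-access entries."""
    report = {"dos_sources": Counter(), "dos_from_lan": [], "lan_access": [], "unparsed": []}
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        try:
            if m := DOS_RE.match(line):
                src = ipaddress.ip_address(m["src"])  # raises ValueError if malformed
                report["dos_sources"][str(src)] += 1
                if src.is_private:  # private source = device inside the LAN
                    report["dos_from_lan"].append(str(src))
            elif m := LAN_RE.match(line):
                dst = ipaddress.ip_address(m["dst"])
                report["lan_access"].append({
                    "remote": (m["src"], int(m["sport"])),
                    # Internal host/port to check against forwarding and UPnP rules.
                    "internal": (str(dst), int(m["dport"])),
                    "internal_is_private": dst.is_private,
                })
            else:
                report["unparsed"].append(line)  # keep unknown formats visible
        except ValueError:
            report["unparsed"].append(line)
    return report

if __name__ == "__main__":
    r = summarize(SAMPLE_LOG)
    print(len(r["dos_sources"]), "distinct DoS sources; from LAN:", r["dos_from_lan"])
    for entry in r["lan_access"]:
        print("inbound:", entry["remote"], "->", entry["internal"])
```
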
     
