What to do about this? (network/attack related)


Krakah Jax
07-07-2005, 06:02 PM
This is only the first page of the log, it goes on and on with the exact same bullshit. IPs showing up in China, Singapore, etc. Contacted the companies "in control" of those IPs and they're denying everything. Contacted my ISP but haven't heard back yet.

Anything else I can do to make this shit stop? Can't do shit on my internet with it going on.

Jul/07/2005 15:45:15 Drop UDP packet from WAN 61.235.154.103:53935 65.160.152.59:1026 Rule: Default deny
Jul/07/2005 15:45:15 Drop UDP packet from WAN 61.235.154.103:53935 65.160.152.59:1026 Rule: Default deny
Jul/07/2005 15:45:15 Drop UDP packet from WAN 61.235.154.103:53935 65.160.152.59:1026 Rule: Default deny
Jul/07/2005 15:45:15 Drop UDP packet from WAN 61.235.154.103:53935 65.160.152.59:1026 Rule: Default deny
Jul/07/2005 15:45:15 Drop UDP packet from WAN 61.235.154.103:53935 65.160.152.59:1026 Rule: Default deny
Jul/07/2005 15:45:15 Drop UDP packet from WAN 61.235.154.103:53935 65.160.152.59:1026 Rule: Default deny
Jul/07/2005 15:45:15 Drop UDP packet from WAN 61.235.154.103:53935 65.160.152.59:1026 Rule: Default deny
Jul/07/2005 15:45:15 Drop UDP packet from WAN 61.235.154.103:53935 65.160.152.59:1026 Rule: Default deny
Jul/07/2005 15:45:15 Drop UDP packet from WAN 61.235.154.103:53935 65.160.152.59:1026 Rule: Default deny
Jul/07/2005 15:45:15 Drop UDP packet from WAN 61.235.154.103:53935 65.160.152.59:1026 Rule: Default deny

Palimax Sceleris
07-07-2005, 06:12 PM
Messenger spam. How cool.

You're already doing the only things you CAN do. Drop the packets, and alert every ISP between you and them, hoping that one of them between you drops it for you.

Malse
07-08-2005, 06:20 AM
In my experience it's been pretty useless trying to get anything done about that kind of attack unless it's from a G8 sort of country or you happen to know someone technically minded that lives there who can call the ISP or some upstream route and explain to them in their own language what's going on.

Your best bet would be to get a ticket at your ISP escalated as quickly as possible to someone that actually touches routers from time to time. Try to avoid letting them call you back, insist on being escalated even if it means being on hold. While those guys tend to be busy, they're generally not as unavailable as the phone drones make them out to be and chances are if they're doing a messenger spam/attack on you, it's probably your whole netblock.

Other than that you could try sending ICMP unreachable messages to the source hosts, but chances are they won't get there or be honored.

Krakah Jax
07-08-2005, 02:03 PM
Appreciate the info guys. The main problem I'm having is getting all the IP addresses/logs, there are just so many of them and from around the globe. Getting god damn annoying though.

I think it's something larger than just a knock-knock on the router. I went and looked on my email address from my ISP I never check and there was a message that was obviously not from my ISP asking to go to some random website and log in to check a "special spam security alert" message box.

Also, I'm noticing that about 1 out of 5 of the IPs hammering me are from my ISP. Still waiting to hear from them about it to see if there's anything they can do about it besides changing my IP. Which I guess would be pointless anyway if they're attacking the entire ISP :/
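
Added example (not part of the thread and not any poster's code): one way to collapse a long drop log in the router format quoted above into a per-source summary that can be pasted into an ISP abuse ticket. The sample lines are constructed and use documentation-range addresses; the function names are hypothetical, and the log is assumed to be in chronological order.

```python
import re
from collections import Counter

# Constructed sample in the router's log format shown in the thread.
# Addresses are documentation ranges (RFC 5737), not real hosts.
SAMPLE_LOG = """\
Jul/07/2005 15:45:15 Drop UDP packet from WAN 192.0.2.10:53935 203.0.113.5:1026 Rule: Default deny
Jul/07/2005 15:45:15 Drop UDP packet from WAN 192.0.2.10:53935 203.0.113.5:1026 Rule: Default deny
Jul/07/2005 15:45:16 Drop UDP packet from WAN 198.51.100.7:40112 203.0.113.5:1027 Rule: Default deny
Jul/07/2005 15:45:17 Drop UDP packet from WAN 192.0.2.10:53936 203.0.113.5:1026 Rule: Default deny
this line is not a drop record
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+ \S+) Drop (?P<proto>\w+) packet from WAN "
    r"(?P<src>\d+\.\d+\.\d+\.\d+):(?P<sport>\d+) "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+):(?P<dport>\d+) Rule: (?P<rule>.+)$"
)

def summarize(log_text):
    """Group drop records by source IP; return (stats, unparsed line count)."""
    stats, skipped = {}, 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            skipped += 1  # keep a count so truncated or foreign lines are noticed
            continue
        s = stats.setdefault(
            m["src"], {"count": 0, "first": m["ts"], "last": m["ts"], "ports": Counter()}
        )
        s["count"] += 1
        s["last"] = m["ts"]  # valid because the log is assumed chronological
        s["ports"][(m["proto"], int(m["dport"]))] += 1
    return stats, skipped

def report(stats):
    """One line per source, busiest first, with the destination ports it hit."""
    rows = []
    for src, s in sorted(stats.items(), key=lambda kv: -kv[1]["count"]):
        ports = ",".join(f"{p}/{n}" for (p, n), _ in s["ports"].most_common())
        rows.append(f"{src} packets={s['count']} first={s['first']} last={s['last']} dst={ports}")
    return rows

if __name__ == "__main__":
    stats, skipped = summarize(SAMPLE_LOG)
    print("\n".join(report(stats)))
    print(f"unparsed lines: {skipped}")
```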