Community discussions

MikroTik App
  4. RouterOS
  5. General

syn flood how to drop

Post Reply
 
someuser
Member Candidate
Member Candidate
Topic Author
Posts: 102
Joined: Tue Apr 13, 2010 7:05 am

syn flood how to drop

Tue Apr 20, 2010 9:14 pm

Anybody recognize this as either a real threat or harmless script kiddy?
Are there firewall implementations to drop the ip?

------------------------------------------------------------------------------

010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57496 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57498 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57499 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57500 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57503 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57504 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57506 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57507 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57508 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57509 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57511 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57512 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57513 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57514 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57515 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57516 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57517 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57519 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57520 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57521 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57522 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57523 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57525 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57526 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57527 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57528 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57529 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57530 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57532 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57533 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57534 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57536 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57537 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57538 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57539 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57540 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57541 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57542 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57544 DPT=80
2010 Apr 19 19:24:50 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=209.170.90.25 PROTO=TCP SPT=57545 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57847 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57848 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57849 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57853 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57854 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57856 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57857 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57858 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57859 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57860 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57862 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57863 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57864 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57866 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57867 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57868 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57869 DPT=80
2010 Apr 19 19:25:45 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=98.174.31.200 PROTO=TCP SPT=57873 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58135 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58151 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58088 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58104 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58120 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58136 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58152 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58168 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58089 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58105 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58137 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58185 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58090 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58106 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58122 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58154 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58170 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=205.128.91.126 PROTO=TCP SPT=58091 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=206.33.44.126 PROTO=TCP SPT=58100 DPT=80
2010 Apr 19 19:28:56 [Lee Valley Router] [kernel] SYN-FLOOD IN=LAN
OUT=WAN SRC=192.168.103.44 DST=206.33.44.126 PROTO=TCP SPT=58196 DPT=80
Top
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7053
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:
Contact mrz

Re: syn flood how to drop

Thu Apr 22, 2010 12:44 pm

http://wiki.mikrotik.com/wiki/Drop_port_scanners
Top
Post Reply

Who is online

Users browsing this forum: nescafe2002 and 94 guests
  4. RouterOS
  5. General