Hello, I need help, I have a Mikrotik Rb750gr3 Hex 4 Cores 880mhz Cpu Level and I am having ddos attacks on my minecraft port 25565, they have set me rules certified people of this device and it does not block the attacks .. ideas thank you I send you an example of how they are Although the attacks vary, some saturate the broadband. If you have any skript or rules for this type of case I would appreciate it, thank you very much
one of the pages that attackers use is the following which would be the appropriate rule to stop such attacks [spam_link_removed] .. thank you very much for your help
/export hide-sensitive file=anynameyouwish
Looks like a dons amplification attack,
Post full config ( between code tags in menu so we can see what is wrong
I don’t know much about this. They configured it for me but the rules do not stop the attack. I can tell you that the page they use is freestresser.to
What rule can I use, explain it to me step by step thanks
Who is they?
Post your config…
/export hide-sensitive file=anynameyouwish
what do you do that command? I am very new to this … I only ask for a rule to stop an attack from the page that happens that they send me 1gb of bad packets by udp
Who is they?
Do you not control the router?
Do you use winbox to access the router??
Hello, my english is bad, can I give you access through anydesk and you can see the attacks? Could it be solved with a rule? Thank you
Sorry if you do not know anything about the configuration on your router nor how to access it and produce an export file, it sounds like
you do not own the router and it belongs to the ISP. They have to help you not us.
if I am the owner of the firewall. but I am a neophyte in this matter I do not understand anything. what data do you need to help me?
This type of volumetric attack (dns reflection?) => you cannot “stop” it yourself. You need “upstream” support for this (= ISP)
Small UDP-packets are hitting your router and consume some bandwidth & resources.
first of all, convert all “reget” rules on “drop”, or yourself cause an amplitude of attack or your ruoter are used for attack…
second: I never see accept 67 and 68 from WAN
third: the return rules #11 and #12 just after the jump?
screenshot do not provide any detail with rules because not all is on the image…
The rules were configured for me by a mikrotik technician, many tried to set rules and none could stop the udp attack. They attack me with 11 thousand IPs from different countries with small packages. It is not like other countries that protect you from attacks. I am alone in this. if someone can pass me the correct configuration. there I put the attachment of the config of my firewall
Hi Pinpon,
Who are the legitimate users of your minecraft server?
What I need you to do is for your friends using the server to provide you with:
a. either their public IP address (if fixed or static)
b. a dyndns domain name (if their public IP is dynamic, or is a private IP, actually behind another public IP)
Then get rid of all the junk rules that have been added besides the default rules.
Then tell all your users that the incoming port for minecraft server on your system will change to ccccccc
Then on your Destination NATRULE change the destination port accordingly and add a firewall address list to the rule source-address-list=allowed_users
If you want to try this approach let me know and I will look at the config.
Sincerely, I do not trust on generic “mikrotik technician” than mix input and forward rules, use reject on WAN side and accept BOOTP/DHCP from WAN
I’d remove that config from your forum post if I were you. It looks like hide-sensitive isn’t a silver bullet and doesn’t sensitize something it doesn’t know should be sensitive.
Oops …
It is best that you change all passwords within the export you have posted.
hello the ip is dynamic when they do big attacks it changes automatically. and my ip the users, no matter how much I hide it, enter the server with a cport, they know my real ip and they send me the attacks with free stress pages. and they flood my upd with thousands of bad ip’s. can you try to make a better configuration?
I offered to help, but you do not seem to want it.
Good luck.
Hello, the language does not favor us .. if I went to ask you for help. How can I not love her? no we are not understanding it seems to be … if you want to help me can you create a configuration and I import it? . because I have no idea what he tells me to do there thanks