Greetings,
I am facing a big issue related to DDOS attack.
there is a web site name “http://quezstresser.com/index.php”. few of my opponents are using this site to send DDOS attack to my mikrotik. I tried to make many firewall rules from wiki and here there, but still i am unable to stop it. it have few attack types like ntp, chargen, ssyn, ack, rst. when this attack occurs, my UPLINK goes full and CHOCK.
I am unable to understand now how to block it. can any 1 give some directions or post firewall for it?
You cannot forego the input line choking. Only your isp can block it on his own routers if you ask for it. The things you can do is tarpit such all connections hoping that it will consume the attacker’s resources. Or just silently drop everything that comes from the attacker hoping he will stop after some time not getting any responses. Be sure you are dropping incoming traffic to port 53.
Sometimes changing the public ip helps immediately for some time.