Community discussions

Topic Author
Posts: 33
Joined: Wed Feb 07, 2007 10:05 pm

DDOS Attack

Tue Jun 26, 2007 11:07 pm

Anyone knows how to block DDOS attack from the internet or LAN? What is the Firewall rule for that?
Frequent Visitor
Frequent Visitor
Posts: 53
Joined: Wed May 23, 2007 10:19 pm

Re: DDOS Attack

Wed Jun 27, 2007 2:28 am

Depends how they are doing the attack. :lol:
Posts: 436
Joined: Fri May 28, 2004 7:52 pm
Location: Florida

Re: DDOS Attack

Wed Jun 27, 2007 2:42 am

just joined
Posts: 1
Joined: Fri Mar 13, 2009 6:23 pm

Re: DDOS Attack

Fri Mar 13, 2009 6:24 pm

For DDoS mitigation and ddos protected hosting i recommend GigabitDC. They even offer free migration.
User avatar
Frequent Visitor
Frequent Visitor
Posts: 97
Joined: Wed Nov 12, 2008 4:55 pm
Location: 34T, Barcelona, Spain

Re: DDOS Attack

Fri Mar 13, 2009 6:43 pm

/ip firewall filter
add action=add-src-to-address-list address-list=black_list \
address-list-timeout=1d chain=input comment="Add ddos to adress list" \
connection-limit=10,32 disabled=no protocol=tcp
add action=log chain=input comment="Log ddos" connection-limit=3,32 disabled=\
no log-prefix="FILTER, DDOS DROPPED:" protocol=tcp src-address-list=\
add action=tarpit chain=input comment="Tarpit ddos" connection-limit=3,32 \
disabled=no protocol=tcp src-address-list=black_list

[toor@extreme] /ip firewall connection tracking> export
# mar/13/2009 17:42:47 by RouterOS 3.20
# software id = 4H1M-LTT
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d \
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=yes \
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
[toor@extreme] /ip firewall connection tracking>
.mhavoc world

Who is online

Users browsing this forum: No registered users and 141 guests