Community discussions

MikroTik App
 
estdata
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Mon Feb 20, 2012 9:05 pm
Contact:

Flood Protect UDP/TCP and SYN

Sun Mar 11, 2012 11:52 am

Can help thats here this forums ? My networks is full DoS Attack and network is dead . low speed jne... When im can set mikrotik router dropping thats

UDP and TCP Protect thats and forwarding back dos attack packet.
DoS Attack forwarding packett is SYN , right?
Router is Routerboard 751U-2HnD v. 5.11
Can that this mikrotik firewall all blocked and when ? I cant settings , please write here right thats configuration



help me and thanks you
 
User avatar
neelzx
just joined
Posts: 4
Joined: Mon Jan 16, 2012 11:27 am

Re: Flood Protect UDP/TCP and SYN

Sun Mar 11, 2012 12:48 pm

i need this firewall code as well...stuck with same problem :( ...is there any way to stop such ddos attack?? Help us
 
estdata
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Mon Feb 20, 2012 9:05 pm
Contact:

Re: Flood Protect UDP/TCP and SYN

Mon Apr 16, 2012 3:28 pm

/firewall filter
add action=jump chain=forward comment="SYN Flood protect" connection-state=\
new disabled=no jump-target=SYN-Protect protocol=tcp tcp-flags=syn
add action=accept chain=SYN-Protect connection-state=new disabled=no limit=\
400,5 protocol=tcp tcp-flags=syn
add action=drop chain=SYN-Protect connection-state=new disabled=no protocol=\
tcp tcp-flags=syn
add action=drop chain=input comment="detect and drop port scan connections" \
disabled=no protocol=tcp psd=21,3s,3,1
add action=drop chain=input comment="dropping port scanners" disabled=no \
src-address-list="port scanners"
add action=add-src-to-address-list address-list=black_list \
address-list-timeout=1d chain=input comment="detect DoS attack" \
connection-limit=10,32 disabled=no protocol=tcp
add action=tarpit chain=input comment="suppress DoS attack" connection-limit=\
3,32 disabled=no protocol=tcp src-address-list=black_list
 
dakobg
Member Candidate
Member Candidate
Posts: 120
Joined: Mon Nov 06, 2017 8:58 am

Re: Flood Protect UDP/TCP and SYN

Sat Jul 31, 2021 1:33 pm

https://wiki.mikrotik.com/wiki/DoS_attack_protection

As general suggestion, turn off syn cookies when you are Not under ddos

Regards,
 
johnson73
Member Candidate
Member Candidate
Posts: 173
Joined: Wed Feb 05, 2020 10:07 am

Re: Flood Protect UDP/TCP and SYN

Sat Jul 31, 2021 5:50 pm

sorry for the mistake
Last edited by johnson73 on Mon Aug 02, 2021 8:56 pm, edited 1 time in total.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18961
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Flood Protect UDP/TCP and SYN

Sat Jul 31, 2021 6:05 pm

Quick questions:
a. do you run servers on your network
b. are you providing internet for other (like PPPOE server)?
 
R1CH
Forum Guru
Forum Guru
Posts: 1098
Joined: Sun Oct 01, 2006 11:44 pm

Re: Flood Protect UDP/TCP and SYN

Sun Aug 01, 2021 12:56 am

Why did you bump a thread from 2012 ...
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11968
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Flood Protect UDP/TCP and SYN

Sun Aug 01, 2021 2:49 am

To increase the number of posts for sure ...

@dakong seems to be writing without realizing what year it is
@johnson73 seems to be writing at random

@anav seems to have fallen into the trap ...
 
dakobg
Member Candidate
Member Candidate
Posts: 120
Joined: Mon Nov 06, 2017 8:58 am

Re: Flood Protect UDP/TCP and SYN

Mon Aug 02, 2021 7:44 pm

Omg I really need a rest 😀

Who is online

Users browsing this forum: Ahrefs [Bot], anav, Andrey05, ivicask and 84 guests