Hi guys
some ISP using mikrotik are getting attacked with DDOS with SSDP... some peaks of 50gbps, any ideas on how to mitigate this?? the Upstream provider is having some dificulties also...
below some pics of traffic packet sniffer during the attack whilst all CPU cores on 1036 and 1072 jam at 100% usage..
we see thousands of spoof ips doing the attack... SSDP port 1900 is closed on Ip firewall raw.. on src and dst.. udp and tcp..
and