Community discussions

MikroTik App
 
coeldrift
just joined
Topic Author
Posts: 1
Joined: Thu Dec 01, 2022 12:39 pm

UDP DDOS from spoofed source IP - how to prevent?

Thu Dec 01, 2022 12:52 pm

Hello guys.
My router is being a target of a UDP attack (mostly UDP). It's a smart attack as sender is using spoofed source-ip completely randomized (all spectrum of IP's from 1.0.0.0/8 to 212.0.0.0/8). Traffic is about 60.000 pps and hosts are changing all time so it's impossible to put them on the list. Do you have any ideas how to prevent it? I was looking at forum and couldn't find any. My router is CCR 1036 so it's taking it quite well however some customer services doesn't work as the attacker is spamming server ports. First he was sending a shit loda of TCP RST packets to cause double traffic, but I blocked it from outside. So now he is just flooding with UDP. I can send you some raw packets to see what's flying there.

Kind regards,
Jim

Who is online

Users browsing this forum: AkosGergely, araqiel, Maggiore81, Marc1963 and 80 guests