Community discussions

MikroTik App
 
pashaumka
just joined
Topic Author
Posts: 1
Joined: Thu Mar 26, 2020 9:29 pm

RB951N bug mikrotik DO DDOS attack

Thu Mar 26, 2020 9:38 pm

In general - the subscriber called - started picking. Replaced the abnormal activity of the pruter at port 23 .. Okay. I screwed all the service ports of the microbe on the firewalls on the brasses.
Day went to the subscriber. Reset the router. Otherwise, he was dumped somehow sooo tight.
He scored the settings and locked all the services .. In the evening, a panic at the abon. Remote access show strange!

Situation - Mikrotik remembered the IP address given 2 connections back !!!!! and began to arrange a robust DDOS from an already released address, natting his current session !!!!!!
Someone came across this ..
Microtik says that the firmware is "up to date"

Any Ideas???
screen_capture 2020-03-26_7-24-21_pm.png
Screenshot_16.png
Screenshot_13.png
You do not have the required permissions to view the files attached to this post.
 
andriys
Forum Guru
Forum Guru
Posts: 1230
Joined: Thu Nov 24, 2011 1:59 pm
Location: Kharkiv, Ukraine

Re: RB951N bug mikrotik DO DDOS attack

Fri Mar 27, 2020 1:15 pm

I can hardly read your Runglish... Try using proper Russian without any traces of slang before feeding it to Google translate (or whatever else you are using).

Anyways. You wrote the firmware is current, however your screenshot says you are running RouterOS version 6.30.4. That is very far from being current. The current versions are 6.45.8 (Long-term) and 6.46.4 (Stable). Try upgrading your device first. And since a lot of vulnerabilities were fixed since 6.30.4 Netinstall is strongly recommended. And don't forget to do /export (not backup!) before the upgrade.
 
User avatar
ingdaka
Member Candidate
Member Candidate
Posts: 290
Joined: Thu Aug 30, 2012 3:06 pm
Location: Albania
Contact:

Re: RB951N bug mikrotik DO DDOS attack

Fri Mar 27, 2020 1:43 pm

And as I can see from your pic seems that you (device connected to mikrotik) is attacking others with syn flood. Maybe one of devices has malware or is a botnet.
Ilir Daka
Electronic & Network Engineer
E-mail: ilirdaka@live.com
Mob: +355692982151
WhatsApp: +355692982151
Mikrotik Official Consultant
CCNA | Fortinet NSE3 | MTCRE | MTCSE | MTCWE

Who is online

Users browsing this forum: bpolat, eworm, gkk, IlCarletto, jamrobe and 167 guests