Hello ,
I could not find a clear source anywhere, either. When the SYN-Cookie protection on Mikrotik devices is activated, which of the following images behaves like?
http://prnt.sc/vkxth4
http://prnt.sc/vkxtgn
Kind regards
-
-
Sanalturkey
just joined
- Posts: 3
- Joined:
Re: Mikrotik SYN Cookie Protection
SYN cookies do not do anything to protect against volumetric attacks.
Acts according to the information at https://tr.wikipedia.org/wiki/SYN_cookies.
You can test it by typing the appropriate dst limit into your raw table.
Acts according to the information at https://tr.wikipedia.org/wiki/SYN_cookies.
You can test it by typing the appropriate dst limit into your raw table.
Code: Select all
add chain=prerouting protocol=tcp tcp-flags=syn,rst action=drop
add action=drop chain=prerouting protocol=tcp tcp-flags=!fin,!syn,!rst,!ack
add action=jump chain=prerouting jump-target=RAW_SYN_ACK protocol=tcp tcp-flags=syn,ack
add action=return chain=RAW_SYN_ACK dst-limit=32,32,src-and-dst-addresses/10s protocol=tcp tcp-flags=syn,ack
add action=drop chain=RAW_SYN_ACK
Re: Mikrotik SYN Cookie Protection
I think SYN cookie in RouterOS is only active for TCP connections to the router itself, not when handling forwarded traffic.
Who is online
Users browsing this forum: Baidu [Spider], Bing [Bot] and 202 guests