MikroTik

Can help thats here this forums ? My networks is full DoS Attack and network is dead . low speed jne... When im can set mikrotik router dropping thats

UDP and TCP Protect thats and forwarding back dos attack packet.
DoS Attack forwarding packett is SYN , right?
Router is Routerboard 751U-2HnD v. 5.11
Can that this mikrotik firewall all blocked and when ? I cant settings , please write here right thats configuration



help me and thanks you

i need this firewall code as well...stuck with same problem ...is there any way to stop such ddos attack?? Help us

/firewall filter
add action=jump chain=forward comment="SYN Flood protect" connection-state=\
new disabled=no jump-target=SYN-Protect protocol=tcp tcp-flags=syn
add action=accept chain=SYN-Protect connection-state=new disabled=no limit=\
400,5 protocol=tcp tcp-flags=syn
add action=drop chain=SYN-Protect connection-state=new disabled=no protocol=\
tcp tcp-flags=syn
add action=drop chain=input comment="detect and drop port scan connections" \
disabled=no protocol=tcp psd=21,3s,3,1
add action=drop chain=input comment="dropping port scanners" disabled=no \
src-address-list="port scanners"
add action=add-src-to-address-list address-list=black_list \
address-list-timeout=1d chain=input comment="detect DoS attack" \
connection-limit=10,32 disabled=no protocol=tcp
add action=tarpit chain=input comment="suppress DoS attack" connection-limit=\
3,32 disabled=no protocol=tcp src-address-list=black_list

https://wiki.mikrotik.com/wiki/DoS_attack_protection

As general suggestion, turn off syn cookies when you are Not under ddos

Regards,

sorry for the mistake

Quick questions:
a. do you run servers on your network
b. are you providing internet for other (like PPPOE server)?

Why did you bump a thread from 2012 ...

To increase the number of posts for sure ...

@dakong seems to be writing without realizing what year it is
@johnson73 seems to be writing at random

@anav seems to have fallen into the trap ...

Omg I really need a rest