as it stands, its enabled, which can help attacker do DDoS from mikrotik IP.

how do i disable the recursive queries ability so that external attackers cant use it?

does disabling ALLOW REMOTE REQUESTS prevent recursive querries?

thanks

Block external access to the DNS service using filters on the input chain. Your external interfaces should be blocking *all* input traffic except the few traffic types that you have allowed.

thanks. do i still need to do the filter chains if allow remote requests is turned off?

thanks. do i still need to do the filter chains if allow remote requests is turned off?

Switching remote requests off will stop network requests but I would still recommend that you check your input filters and make sure that you have appropriate input filters to control access to the router and its services. See info on links below:

http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Filter

http://wiki.mikrotik.com/wiki/Securing_ ... rOs_Router