Page 1 of 1
UDP attack port 53 need good solution
Posted: Thu Jan 23, 2014 12:19 pm
by kashifmac2005
Dear all,
I am receiving UDP attack on port 53 for reference snapshot is attached right now for this i am using drop rule but problem is that my router is continuously dropping packets since last night and still doing this i dont know why this attack is not finished yet and what kind of attack is this?
i need solution that can resolve my problem
Re: UDP attack port 53 need good solution
Posted: Thu Jan 23, 2014 12:23 pm
by markom
/ip firewall filter
add action=drop chain=input dst-port=53 in-interface=ether1 protocol=udp
add action=drop chain=input dst-port=53 in-interface=ether1 protocol=tcp
Re: UDP attack port 53 need good solution
Posted: Thu Jan 23, 2014 4:19 pm
by redflag237
Dear all,
I am receiving UDP attack on port 53 for reference snapshot is attached right now for this i am using drop rule but problem is that my router is continuously dropping packets since last night and still doing this i dont know why this attack is not finished yet and what kind of attack is this?
i need solution that can resolve my problem
It's just an DDoS attack. The attacker sends DNS Request, that are resolved by your router. This results in big traffic for the target Machine, so the machine that is SOA of the DNS target (hundreds of this open resolvers get used for this).
Regards,
redflag237
Re: UDP attack port 53 need good solution
Posted: Fri Jan 24, 2014 9:12 am
by kashifmac2005
It's just an DDoS attack. The attacker sends DNS Request, that are resolved by your router. This results in big traffic for the target Machine, so the machine that is SOA of the DNS target (hundreds of this open resolvers get used for this).
Regards,
redflag237
Sir any powerful solution for this because i am using drop rule right now
Re: UDP attack port 53 need good solution
Posted: Mon Jan 27, 2014 4:38 am
by leetw302
It's just an DDoS attack. The attacker sends DNS Request, that are resolved by your router. This results in big traffic for the target Machine, so the machine that is SOA of the DNS target (hundreds of this open resolvers get used for this).
Regards,
redflag237
Sir any powerful solution for this because i am using drop rule right now
If, your WAN is Dynamic IP Address, Contact your ISP Provider about IP changes
Re: UDP attack port 53 need good solution
Posted: Tue Jan 28, 2014 6:48 am
by kashifmac2005
It's just an DDoS attack. The attacker sends DNS Request, that are resolved by your router. This results in big traffic for the target Machine, so the machine that is SOA of the DNS target (hundreds of this open resolvers get used for this).
Regards,
redflag237
Sir any powerful solution for this because i am using drop rule right now
If, your WAN is Dynamic IP Address, Contact your ISP Provider about IP changes
have static ip but now problem solve after 2 days of continuous attack maybe attacker taking some rest i am still monitoring it.
Thanks to all for suggestions and guidance which helped me a lot.