Reply Response Patterns

From MikroTik Wiki
Revision as of 20:38, 10 November 2011 by Reza.moghadam (talk | contribs) (Created page with "Hi , In This Article i Want describe , how to Secure You Services And Servers Agains DOS Attack And ICMP Attack . After Read This Article You Can use some strategy to block some ...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Hi , In This Article i Want describe , how to Secure You Services And Servers Agains DOS Attack And ICMP Attack . After Read This Article You Can use some strategy to block some Unnecessary Reply Responses . we want Use Some Pattern To block ICMP Replys And Request . Our Pattern In This Example Is Such As ( 4 Reply , 2 Time Out , ... ) ( Every 10 ms ) :

Reply Reply Reply Reply Request Time Out Request Time Out Reply Request Time Out Request Time Out

we can setup this sample , with IP Firewall , we need two rules .

Rule 1 : Allow Rule With Average Response Times Rule 2 : Deny Rule For Block Extra Requests

In Rule 1 We Need To Setup Rule Base This Information : Chain = Input Protocol = ICMP [ Extra Tab ] Dst-Limit = Rate 5 / Min Burst = 3 Limit By = Src Address Expire = 100.00 Action = Allow


In Rule 2 We Need Setup Base This Information : Chain = Input Protocol = Icmp Action = Deny

Retrieved from "https://wiki.mikrotik.com/index.php?title=Reply_Response_Patterns&oldid=22445"