Reply Response Patterns

From MikroTik Wiki
Revision as of 19:15, 12 April 2013 by Reza.moghadam (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Hi , In This Article i Want describe , how to Secure You Services And Servers Agains DOS Attack And ICMP Attack .

After Read This Article You Can use some strategy to block some Unnecessary Reply Responses .

we want Use Some Pattern To block ICMP Replys And Request .

Our Pattern In This Example Is Such As ( 4 Reply , 2 Time Out , ... ) ( Every 10 ms ) :

Reply
Reply
Reply
Reply
Request Time Out
Request Time Out
Reply
Request Time Out
Request Time Out

we can setup this sample , with IP Firewall , we need two rules .

Rule 1 : Allow Rule With Average Response Times

Rule 2 : Deny Rule For Block Extra Requests

In Rule 1 We Need To Setup Rule Base This Information :

Chain = Input
Protocol = ICMP
[ Extra Tab ]
Dst-Limit = Rate 5 / Min
Burst = 3
Limit By = Src Address
Expire = 100.00
Action = Allow

In Rule 2 We Need Setup Base This Information :

Chain = Input
Protocol = Icmp
Action = Deny


Reza Moghadam


--MikroTik Certified Trainer 16:15, 12 April 2013 (UTC)