Reply Response Patterns
Hi , In This Article i Want describe , how to Secure You Services And Servers Agains DOS Attack And ICMP Attack .
After Read This Article You Can use some strategy to block some Unnecessary Reply Responses .
we want Use Some Pattern To block ICMP Replys And Request .
Our Pattern In This Example Is Such As ( 4 Reply , 2 Time Out , ... ) ( Every 10 ms ) :
Reply Reply Reply Reply Request Time Out Request Time Out Reply Request Time Out Request Time Out
we can setup this sample , with IP Firewall , we need two rules .
Rule 1 : Allow Rule With Average Response Times
Rule 2 : Deny Rule For Block Extra Requests
In Rule 1 We Need To Setup Rule Base This Information :
Chain = Input Protocol = ICMP [ Extra Tab ] Dst-Limit = Rate 5 / Min Burst = 3 Limit By = Src Address Expire = 100.00 Action = Allow
In Rule 2 We Need Setup Base This Information :
Chain = Input Protocol = Icmp Action = Deny
--MikroTik Certified Trainer 16:15, 12 April 2013 (UTC)