Reply Response Patterns

From MikroTik Wiki
Jump to: navigation, search

Hi , In This Article i Want describe , how to Secure You Services And Servers Agains DOS Attack And ICMP Attack .

After Read This Article You Can use some strategy to block some Unnecessary Reply Responses .

we want Use Some Pattern To block ICMP Replys And Request .

Our Pattern In This Example Is Such As ( 4 Reply , 2 Time Out , ... ) ( Every 10 ms ) :

Reply
Reply
Reply
Reply
Request Time Out
Request Time Out
Reply
Request Time Out
Request Time Out

we can setup this sample , with IP Firewall , we need two rules .

Rule 1 : Allow Rule With Average Response Times

Rule 2 : Deny Rule For Block Extra Requests

In Rule 1 We Need To Setup Rule Base This Information :

Chain = Input
Protocol = ICMP
[ Extra Tab ]
Dst-Limit = Rate 5 / Min
Burst = 3
Limit By = Src Address
Expire = 100.00
Action = Allow

In Rule 2 We Need Setup Base This Information :

Chain = Input
Protocol = Icmp
Action = Deny


Reza Moghadam


--MikroTik Certified Trainer 16:15, 12 April 2013 (UTC)