How to Secure MikroTik From DDoS

how to secure mikrotik from ddos.

A denial-of-service (DoS) or distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt normal traffic from a targeted server, service, or network by flooding the target or surrounding infrastructure with flood Internet traffic. DDoS attacks, e.g. HTTP flood, SYN flood, DNS amplification, etc. For that, we must know how to secure MikroTik from DDoS because this attack can reduce the performance of the MikroTik Router, which is caused by the large number of packets sent in a short time.


Securing MikroTik From DDoS

1. To secure MikroTik from DDoS, you can first go to the IP menu > Firewall then select the Filter Rules tab then click the + icon.

2. On the General tab in the Chain section, fill in forward than in the Protocol section, fill in 6 (TCP).


3. Then click the Advanced tab and then open the TCP Flags section then fill in the TCP Flags with syn.


4. Then click the Extra tab then open the Connection Limit section after that fill in the Limit section to limit connections and in the netmask section fill in 32.


5. Next, click the Action tab then fill in the Action section with add src to address list to move the perpetrator's IP to the address list then in the address list section you can freely name the DDoS perpetrator and in the Timeout section, it is the time penalty given to the DDoS perpetrator so that it can send packets to the MikroTik router.


6. Do the same thing as number 1 – 5 or you can do a Copy of the Rule earlier. But on the General tab in the Chain section, you fill it with Input.


7. Create a new rule still in the IP menu > Firewall then select the Filter Rules tab then click the + icon.

8. Then on the General tab in the Chain section, fill in the Forward section and in the Protocol section with 6 (TCP).


9. Next click the Advanced tab in the Src section. Address List select the address list in the previous Rule.




10. Then click the Action tab and then in the Action section fill it with tarpit, this serves to inhibit or stop the connection in the DDoS process.


11. Do things like number 7 - 10, like before you can do a Copy on the Rule that has been made to make it faster. But on the General tab in the Chain section, you fill it with Input.


12. Finally, do the DDoS trial stage on the MikroTik router IP, you can use applications such as Zenmap or others. You can see the IP address of the perpetrator who did DDoS on the IP menu > Firewall and then select the Address Lists tab.



Summary

So that's how to secure MikroTik from DDoS, easy enough right? By creating these rules, you can prevent packet sending from happening continuously in a short time so that your MikroTik Router can avoid DDoS threats.


Hopefully, this article about How to Secure MikroTik From DDoS, gives you a little insight. Also, read an article about How to Share your Mac internet with your wireless devices that you may need to know. Thank you.

Previous Post Next Post