Mikrotik SYN flood 공격 방어 설정

Linux

Mikrotik Router SYN flood Protection

New Terminal

[Mikrotik]# 아래 내용 적용.

ip firewall filter add chain=input protocol=tcp connection-limit=0,32 action=add-src-to-address-list address-list=blocked-addr address-list-timeout=1d

ip firewall filter add chain=input protocol=tcp src-address-list=blocked-addr connection-limit=3,32 action=tarpit

ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-state=new action=jump jump-target=SYN-Protect comment="SYN Flood protect" disabled=yes

ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5 connection-state=new action=accept comment="" disabled=no

ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn connection-state=new action=drop comment="" disabled=no

For v6.x (version 6.X 이상에 적용)

ip settings set tcp-syncookies=yes

For older version. (6.X 이하에 적용)

ip firewall connection tracking set tcp-syncookie=yes

참고url : https://wiki.mikrotik.com/wiki/DoS_attack_protection

'Linux' 카테고리의 다른 글

리눅스 오픈소스 Monit (프로세스 감지 자동 재실행) (0)	2018.10.23
linux keepalived 를 이용한 VRRP 구성 (0)	2018.06.21
CentOS 7 , CACTI 1.1.38 설치 (0)	2018.05.10
Ubuntu 16.04 - CACTI 1.1.38 최신 버젼 설치 (0)	2018.05.09
Ubuntu 우분투 터치패드 잠금(끄기) (2)	2016.10.18

by 초보인척 2018. 10. 5. 16:27

	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30

초보의 공간

글