Have you by any chance played GTA5 online recently and gave someone kak or just being a greifer?
-
Join the MyBroadband community
South Africa’s biggest forum. Discuss, discover, and connect with thousands of members.
-
Question of the Day: What is your ultimate pancake filling/topping?
I'm being DDoS'd
- Thread starter CombatW0mb4t
- Start date
-
- Tags
- ddos attacks fiber
Have you by any chance played GTA5 online recently and gave someone kak or just being a greifer?
netcruiser
Senior Member
- Joined
- Sep 21, 2012
- Messages
- 513
- Reaction score
- 275
Block DNS from outside LAN is the first thing I do with a new Mikrotik. Hackers always DDOS your DNS because they can do amplification attacks cheaply.
CombatW0mb4t
Active Member
yeah, normally on other routers everything is blocked on your WAN interface by default, I realise now with Mikrotik it's a different story, but hey, so we learn
Thanks for the pm.
We are investigating.
We have been battling huge amounts of multicast traffic directed at clients on the Vuma Villages vlans which are degrading performance. It's currently affecting clients in Gauteng on the old SADV now Vuma Villages network.
We are working with everyone involved to pin point the source of the traffic and stop it.
We are investigating.
We have been battling huge amounts of multicast traffic directed at clients on the Vuma Villages vlans which are degrading performance. It's currently affecting clients in Gauteng on the old SADV now Vuma Villages network.
We are working with everyone involved to pin point the source of the traffic and stop it.
Cactus
Expert Member
- Joined
- Jan 16, 2015
- Messages
- 1,946
- Reaction score
- 2,295
I also learned this the hard way. Now it's one of the first rules being added when a Mikrotik device gets reset in my house.yeah, normally on other routers everything is blocked on your WAN interface by default, I realise now with Mikrotik it's a different story, but hey, so we learn
Peon
Expert Member
Im blocking an excessive amount of ICMP and UDP ipv6 traffic, more than usual. But still getting timeouts sporadically on AH DNS servers.
Which FNO are you using currently?
Peon
Expert Member
OpenServe - Hartbeespoort
Okay you should be able to get a new IP by dropping the pppoe session for a while.
Unfortunately the internet is full of malware constantly scanning IP subnets to find exploits.
Peon
Expert Member
Acutely aware. Managing to get by with Quad9.
cobusv
Senior Member
Cool let me know.
How is your latency or experience with quad 9?
RonSwanson
Honorary Master
- Joined
- May 21, 2018
- Messages
- 21,301
- Reaction score
- 28,520
I told SADV about that problem around 4 years ago already, a lot of RFC1918 and RFC6761 traffic was hitting my firewall, and I even received DHCP requests. They never did anything about it.
HartsockZA
Expert Member
We do, but to block it all is crazy. We get heavy attacks it's all about what ports are open and what sort of protection you have in the end. Have you tried to do some firewall protocols on your Mikrotik under IP>Firewall>Filter rules?
The Wiki can give you a good start and some digging can get you rather a great enterprise-level firewall to stop any type of port sniffer or reject connection all together
Sinbad
Honorary Master
- Joined
- Jun 5, 2006
- Messages
- 88,702
- Reaction score
- 41,246
You can put all the firewalling you like at the end of your line, but if you're being hit by a volume-based attack, that traffic still has to go down your line to be rejected, with the result that your line is overwhelmed.
HartsockZA
Expert Member
Of course, I'd do a IP reset when you do otherwise it looks like a IP pool that might be compromised, currently deflecting a huge attack ourselves. Request a static IP from a totally new range could help otherwise someone has got your number baby
HartsockZA
Expert Member
LOL our engineers reckon it's another network storm Vuma has created somehow again...
Peon
Expert Member
CombatW0mb4t
Active Member
I did exactly that today, not going to brag but I think it's a pretty solid config.
I just missed a few things that Mikrotik does differently than other vendors.