There is also this, which goes a bit more in-depth for locking down your Mikrotik device:
http://rickfreyconsulting.com/wp-content/uploads/2014/10/MikroTik-DNS-Attack...
On 04/06/2016 06:11 AM, Stacy wrote:
(Please trim inclusions from previous messages) _______________________________________________ Ronen, Take a look here. They cover this in pretty good detail.
http://forum.mikrotik.com/viewtopic.php?t=69677
-Stacy KG7QIN
On 04/06/2016 06:00 AM, R P wrote:
(Please trim inclusions from previous messages) _______________________________________________ Hi group
Now when the mikrotik have a connections sessions screen i see about 150 (yesterday night it was 1200) UDP Port 53 (DNS)sessions coming from about 15 different sites each site have about 10 sessions
total bandwidth it consume is 500 KB/s
What is it ? why a site have to do 10 times DNS queries (or maybe it is a UDP session to port 53 but not a DNS query ) to my host where even no DNS server exist ?
Is there anyone that can tell me the exact command to block it ? i have tried with the web interface to add a firewall rule but nothing happen it looks like im not giving the right rule
Thanks Forward
Ronen - 4Z4ZQ
Ronen Pinchooks (4Z4ZQ) WebSitehttp://www.ronen.org/ www.ronen.org ronen.org (Ronen Pinchooks (4Z4ZQ) WebSite) is hosted by domainavenue.com