Post subject: paket filter bcp 38 a bcp 140 Posted: 13.06.2014 - 15:40 #106692
Basic
Joined: Mar 13, 2007
Posts: 264
Location: Trnava
V poslednej dobe sa nam objavili utoky z nasej siete na ip dns servrov nasich poskytovatelov konektivity.Odporucili nam aplikovat metodiku bcp 38 a 140. Na routri mame mikrotik.Ako spravne tento filter na nom nakonfigurujem?
kemper
Post subject: RE: paket filter bcp 38 a bcp 140 Posted: 13.06.2014 - 16:25 #106693
Basic
Joined: Jan 23, 2009
Posts: 176
Mas zablokovany dst port 53 na wane , aby ti neliezli dns dotazy z netu do siete ? chain=forward action=drop protocol=udp in-interface=wan dst-port=53
Levian
Post subject: RE: paket filter bcp 38 a bcp 140 Posted: 13.06.2014 - 17:05 #106694
Basic
Joined: Mar 13, 2007
Posts: 264
Location: Trnava
Blokol som to..Problem je ale opacny, nie utok na IP u mna, ale IP mimo mojej siete u mojho providera.
kemper
Post subject: RE: paket filter bcp 38 a bcp 140 Posted: 14.06.2014 - 14:11 #106698
Basic
Joined: Jan 23, 2009
Posts: 176
No mal som tenisty problem , akurat rozdiel bol v tom ze mam vlastny dns . Niekedy tam slo aj 20mbps . Poziadavky chodia zo sveta na klientov a klientske zriadenie potom otravuje DNS server ktory ma zadefinovany . Cize ty mas nastaveny DNS svojho ISP , tak otravuju jeho ...
