Страница 1 из 1

Getting CLDAP attack in mikrotik

Добавлено: 02 окт 2019, 15:25
laxmi
Hi,


I am getting huge attack on source port 385 called CLDAP port from multiple sources and destination is one of my IP but i am not using that IP anywhere in the network .and only that attack is heating to the Core router WAN interface which is connected to the Telco and no any firewall rules are working ..Huge attack is coming and its just crazy ...What can be the problem ..

Any solution of it ??

Waiting for response ..



Thanks

Re: Getting CLDAP attack in mikrotik

Добавлено: 02 окт 2019, 23:51
Chupaka
Hello there.

If some traffic hits your router - then it's useless to drop it (generally, that's what happens automagically if you don't do dst-nat on it) as it's too late - it already consumed your bandwidth. It's your ISP who needs to drop it (or some anti-ddos service) so that the traffic doesn't reach your router at all.

Re: Getting CLDAP attack in mikrotik

Добавлено: 03 окт 2019, 06:55
laxmi
whats the DSt nat rules should be configured ..bcz i have many mikrotiks so kindly let me know the technology and what should i implement in dst nat..!!!

Re: Getting CLDAP attack in mikrotik

Добавлено: 03 окт 2019, 14:16
Chupaka
If you do dst-nat - then you need it. If you don't need it - they won't help you. Again:
It's your ISP who needs to drop it (or some anti-ddos service) so that the traffic doesn't reach your router at all.

Re: Getting CLDAP attack in mikrotik

Добавлено: 03 окт 2019, 18:45
laxmi
Can u give me the dst-nat example which i should implement in my core router ..

Re: Getting CLDAP attack in mikrotik

Добавлено: 04 окт 2019, 16:09
Chupaka
If you don't need it - you should not. It won't help you anyway. Please read my quotation!