Ovaj mikrotik me ubija, svaki dan nesto novo :)
5.24 verzija na p4 2.6GHz, 256 RAM.
Elem,
postavio sam vps, server u USA, CentOS, LAMP itd, cisto edukacije radi.
Sad ja hocu da ga testiram, nasao na internetu da probam scan sa nmap....
Code:
nmap -r -v -O -PN -p 0-2000 my.vps
-r: Scan ports consecutively - don't randomize
-v: Increase verbosity level (use -vv or more for greater effect)
-O: Enable OS detection
-Pn: Treat all hosts as online -- skip host discovery
nmap -r -v -O -PN -p 0-2000 my.vps
-r: Scan ports consecutively - don't randomize
-v: Increase verbosity level (use -vv or more for greater effect)
-O: Enable OS detection
-Pn: Treat all hosts as online -- skip host discovery
Scan traje 5 min, zavrsi se ..
I mikrotik se ukoci ...
Ne radi WinBox, izbaci disconnected, ssh nema sanse, ftp, nista ...
Internet postoji, ne puna brzina ili uopste ne radi, cekao 10-ak minuta da se opet ulogujem u tik...
Kad ga fizicki resetujem, Mikrotik krene da radi normalno ....
Probao 10-ak puta ...
Dok test traje, u WinBox-u processor ide do 10% load, 200Mb free memory,
200-300 konekcija u ip firewall connections ..
Negde nadjoh da je to SYN flood, nisam siguran ... Moze biti i da je bug ...
Za SYN flood pise da se postavi filter:
Code:
/ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-state=new \
action=jump jump-target=SYN-Protect comment="SYN Flood protect" disabled=yes
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5 connection-state=new \
action=accept comment="" disabled=no
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn connection-state=new \
action=drop comment="" disabled=no
/ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-state=new \
action=jump jump-target=SYN-Protect comment="SYN Flood protect" disabled=yes
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn limit=400,5 connection-state=new \
action=accept comment="" disabled=no
/ip firewall filter add chain=SYN-Protect protocol=tcp tcp-flags=syn connection-state=new \
action=drop comment="" disabled=no
kao i da se uradi sledece
Code:
/ip firewall connection tracking set tcp-syncookie=yes
/ip firewall connection tracking set tcp-syncookie=yes
Ja sve to postavio, proverio ali Mikrotik opet se ukoci ...
Isprobao sam i kombinaciju da skeniram sebe sa my.vps lokacije, kroz pptp tunel...
Mikrotik normalno radi, no problem ...
Saveti dobrodosli !
Hvala :)