Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 5 of 5
  1. #1
    Status
    Offline
    unlockmodem's Avatar
    Member
    Join Date
    Dec 2009
    Posts
    114
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    [ HELP ] Flood on UDP 53

    Help master2 warnet ane kena flood port udp 53 ane pake RB750 n ini menyebabkan High CPU Usage

    tolong dunk dibantu cara proteksi nya, tadi da cari2 ga ketemu juga...

    ini ss nya
    Click here to enlarge

    ane da pake SYN Flood Protect di Filter Rules tp ngak ngefek juga gan Click here to enlarge

  2. #2
    Status
    Offline
    hikmahcell's Avatar
    Member Senior
    Join Date
    Apr 2009
    Location
    Tolitoli, Sulawesi Tengah, Indonesia, Indonesia
    Posts
    488
    Reviews
    Read 0 Reviews
    Downloads
    5
    Uploads
    0
    Feedback Score
    0
    wah parah juga tuh port dns keserang juga...Click here to enlarge

    langsung hajar aja...Click here to enlarge

    address_lit
    Code:
    /ip firewall address-list
    add address=isi.ip.dns.ispmu1 comment="" disabled=no list=DNS
    add address=isi.ip.dns.ispmu2 comment="" disabled=no list=DNS
    #filter
    Code:
    /ip firewall filter
    add action=drop chain=forward comment="" disabled=no dst-address-list=!DNS dst-port=53 protocol=udp

  3. The Following 3 Users Say Thank You to hikmahcell For This Useful Post:


  4. #3
    Status
    Offline
    unlockmodem's Avatar
    Member
    Join Date
    Dec 2009
    Posts
    114
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by hikmahcell Click here to enlarge
    wah parah juga tuh port dns keserang juga...Click here to enlarge

    langsung hajar aja...Click here to enlarge

    address_lit
    Code:
    /ip firewall address-list
    add address=isi.ip.dns.ispmu1 comment="" disabled=no list=DNS
    add address=isi.ip.dns.ispmu2 comment="" disabled=no list=DNS
    #filter
    Code:
    /ip firewall filter
    add action=drop chain=forward comment="" disabled=no dst-address-list=!DNS dst-port=53 protocol=udp

    langsung di respon sama agan hikmahcell, terima kasih banyak ane lgs hajar

    ---------- Post added at 15:16 ---------- Previous post was at 13:57 ----------

    setelah dibantu agan hikmacell akhirnya flood ke DNS solved tapi ini virus malah skrg buat port baru sepertinya hmmm....

    ini ss nya

    Click here to enlarge

    sepertinya harus lembur nih nge format smua kompie, ada solusi ga ya master2 laennya sblm ane format kompie nya

  5. #4
    Status
    Offline
    hikmahcell's Avatar
    Member Senior
    Join Date
    Apr 2009
    Location
    Tolitoli, Sulawesi Tengah, Indonesia, Indonesia
    Posts
    488
    Reviews
    Read 0 Reviews
    Downloads
    5
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by unlockmodem Click here to enlarge
    langsung di respon sama agan hikmahcell, terima kasih banyak ane lgs hajar

    ---------- Post added at 15:16 ---------- Previous post was at 13:57 ----------

    setelah dibantu agan hikmacell akhirnya flood ke DNS solved tapi ini virus malah skrg buat port baru sepertinya hmmm....

    ini ss nya

    Click here to enlarge

    sepertinya harus lembur nih nge format smua kompie, ada solusi ga ya master2 laennya sblm ane format kompie nya
    coba tambahin ini trus post hasilnya Click here to enlarge
    Code:
    /ip firewall filter
    add action=add-src-to-address-list address-list=drop_udp address-list-timeout=1s chain=forward comment=Flood_UDP \
    connection-bytes=32000-0 disabled=no dst-port=!53 in-interface=LOCAL limit=100/1m,100 protocol=udp
    add action=drop chain=forward comment="" disabled=no dst-port=!53 protocol=udp src-address-list=drop_udp
    sesuaikan in-interfacenya

    Nb. btw tetap aja solusinya scan virus, atau langsung format aja kompi yg positip terkena tadi, nanti tinggal pantau aja diaddress list sumber ipnya dari mana.. kompi itulah yg harus di ilangin virusnya ,,, rule diatas untuk mengurangi beban rbnya dan nangkap ip kompi yg terinfect virus tadi,,,
    dan INGAT!!! kalo kompinya udah positip kena virus gituan jangan dibiarin, kalo gak ntar gak bisa main game dan jalanin program yg jalan make udp port.. karna firewal hanya mengaccept udp port port 53 doang Click here to enlarge clientnya cuman bisa browsing download tapi gak bisa [point blank] ama [camfrog2an...] Click here to enlarge
    Last edited by hikmahcell; 27-12-2010 at 18:00.

  6. The Following User Says Thank You to hikmahcell For This Useful Post:


  7. #5
    Status
    Offline
    unlockmodem's Avatar
    Member
    Join Date
    Dec 2009
    Posts
    114
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by hikmahcell Click here to enlarge
    coba tambahin ini trus post hasilnya Click here to enlarge
    Code:
    /ip firewall filter
    add action=add-src-to-address-list address-list=drop_udp address-list-timeout=1s chain=forward comment=Flood_UDP \
    connection-bytes=32000-0 disabled=no dst-port=!53 in-interface=LOCAL limit=100/1m,100 protocol=udp
    add action=drop chain=forward comment="" disabled=no dst-port=!53 protocol=udp src-address-list=drop_udp
    sesuaikan in-interfacenya

    Nb. btw tetap aja solusinya scan virus, atau langsung format aja kompi yg positip terkena tadi, nanti tinggal pantau aja diaddress list sumber ipnya dari mana.. kompi itulah yg harus di ilangin virusnya ,,, rule diatas untuk mengurangi beban rbnya dan nangkap ip kompi yg terinfect virus tadi,,,
    dan INGAT!!! kalo kompinya udah positip kena virus gituan jangan dibiarin, kalo gak ntar gak bisa main game dan jalanin program yg jalan make udp port.. karna firewal hanya mengaccept udp port port 53 doang Click here to enlarge clientnya cuman bisa browsing download tapi gak bisa [point blank] ama [camfrog2an...] Click here to enlarge
    ok gan, sy ikutin saran dari agan, terima kasih banyak da membantu saya, alhasil cpu nya skrg lancar di 14% trims ya gan... You're The Best Click here to enlarge

 

 

Thread Information

Users Browsing this Thread

There are currently 2 users browsing this thread. (0 members and 2 guests)

Similar Threads

  1. Replies: 11
    Last Post: 22-10-2010, 00:46
  2. Cara flood lewat WiFi?
    By dra90n in forum Wireless Networking
    Replies: 0
    Last Post: 15-01-2010, 09:42
  3. flood....again need firewall
    By wp11b in forum General Networking
    Replies: 29
    Last Post: 14-01-2008, 17:38
  4. ask=seting firewall wat protex UDP FLOOD gmn ?
    By xxx123 in forum General Networking
    Replies: 2
    Last Post: 17-09-2007, 10:50

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •