[Mikrotik] DOS attack question
contact at portative.net
Tue Dec 4 10:35:09 CST 2012
We've had someone sending network attacks on us over the last few days.
We are blocking 15K + IP addresses each 24 hours and and have an address
list that has grown to more than 45K since Sunday morning. I do see my
CPU usage hasn't really grown beyond 10% - it usually runs 6-8%. Which
brings me to the question. At that scale are address list look-ups more
efficient than multiple rules? Or is there a difference ? I am looking
at increasing the blocked time from 3 days to 14.
Thank you, Dave
Portative Technologies, LLC
1995 Allison Lane, Suite 100
Corydon, IN 47112
More information about the Mikrotik