[Mikrotik] DOS attack question

Josh Luthman josh at imaginenetworksllc.com
Tue Dec 4 10:44:00 CST 2012


Address lists are easier to manage.

I don't believe it has any noticeable effect how you enter them, though.

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373


On Tue, Dec 4, 2012 at 11:35 AM, David Hulsebus <contact at portative.net>wrote:

> We've had someone sending network attacks on us over the last few days. We
> are blocking 15K + IP addresses each 24 hours and and have an address list
> that has grown to more than 45K since Sunday morning. I do see my CPU usage
> hasn't really grown beyond 10% - it usually runs 6-8%. Which brings me to
> the question. At that scale are address list look-ups more efficient than
> multiple rules? Or is there a difference ? I am looking at increasing the
> blocked time from 3 days to 14.
>
> Thank you, Dave
>
> --
> David Hulsebus
> Portative Technologies, LLC
> 1995 Allison Lane, Suite 100
> Corydon, IN 47112
> 812-738-7007
> www.portative.com
>
> ______________________________**_________________
> Mikrotik mailing list
> Mikrotik at mail.butchevans.com
> http://www.butchevans.com/**mailman/listinfo/mikrotik<http://www.butchevans.com/mailman/listinfo/mikrotik>
>
> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
> RouterOS
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.butchevans.com/pipermail/mikrotik/attachments/20121204/d91f2099/attachment.html>


More information about the Mikrotik mailing list