Mikrotik
Systemshik, 2015-11-30 10:16:26

Mikrotik Router closing port 53 and further problems?

Hello. There is a Mikrotik Router CCR1009-8G-1S. One day, the provider called me and said that I had port 53 open, through which my router is used to conduct a DDoS attack, and that I should close it. Well, after a little searching on the Internet, I found how to close it, and closed it. And then there was this problem: simple Wi-Fi routers like D-Link or TP-Link stopped giving out the Internet; the Internet appears only when the drop of this port is turned off.
I do not know what to do.


4 answer(s)
Ilya Efimov, 2015-11-30
@Systemshik

I suspect that you disabled it on all interfaces. You need to close port 53 via the wan interface in the INPUT chain.
chain=input action=drop connection-state=new protocol=udp in-interface=ether1 dst-port=53 log=no log-prefix=""
chain=input action=drop connection-state=new protocol=tcp in-interface=ether1 dst-port=53 log=no log-prefix=""
Something like this.
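
An added example, not part of the original answer or of RouterOS itself: a simplified first-match model of the input chain in Python, showing why a port 53 drop with no in-interface also cuts off LAN clients that resolve through the router, while the ether1-scoped rules above block only queries arriving from the WAN. The unscoped rule set, the interface name bridge-lan and port 40000 are constructed assumptions, and the matcher handles only exact key=value comparisons.

```python
import shlex

NON_MATCHERS = {"action", "log", "log-prefix", "comment", "disabled"}

def parse_rule(line):
    """Parse one '/ip firewall filter add ...' line into a dict of its key=value pairs."""
    return dict(tok.split("=", 1) for tok in shlex.split(line) if "=" in tok)

def verdict(rules, packet):
    """First matching rule decides; RouterOS accepts a packet that matches no filter rule."""
    for rule in rules:
        if all(packet.get(k) == v for k, v in rule.items() if k not in NON_MATCHERS):
            return rule["action"]
    return "accept"

# Constructed: a drop with no in-interface, as suspected in the answer above.
ALL_INTERFACES = [
    "/ip firewall filter add chain=input action=drop protocol=udp dst-port=53",
    "/ip firewall filter add chain=input action=drop protocol=tcp dst-port=53",
]
# The two rules from the answer above, scoped to the WAN port ether1.
WAN_ONLY = [
    '/ip firewall filter add chain=input action=drop connection-state=new protocol=udp in-interface=ether1 dst-port=53 log=no log-prefix=""',
    '/ip firewall filter add chain=input action=drop connection-state=new protocol=tcp in-interface=ether1 dst-port=53 log=no log-prefix=""',
]

# Constructed packets; "bridge-lan" and port 40000 are assumed values.
PACKETS = {
    "wan_query": {"chain": "input", "in-interface": "ether1", "protocol": "udp",
                  "dst-port": "53", "connection-state": "new"},
    "lan_query": {"chain": "input", "in-interface": "bridge-lan", "protocol": "udp",
                  "dst-port": "53", "connection-state": "new"},
    # Upstream resolver's reply to the router's own query: source port 53, not destination.
    "upstream_reply": {"chain": "input", "in-interface": "ether1", "protocol": "udp",
                       "dst-port": "40000", "connection-state": "established"},
}

def audit(lines):
    """Return the verdict for each sample packet under the given rule lines."""
    rules = [parse_rule(line) for line in lines]
    return {name: verdict(rules, pkt) for name, pkt in PACKETS.items()}

if __name__ == "__main__":
    print("all interfaces:", audit(ALL_INTERFACES))
    print("wan only:      ", audit(WAN_ONLY))
```
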

Cool Admin, 2015-11-30
@ifaustrue

Well, "at the same time", so to speak. You also need to do:
1. Close NTP
/ip firewall filter add chain=input action=drop connection-state=new protocol=udp in-interface=ether1 dst-port=123 log=no log-prefix=" "
/ip firewall filter add chain=input action=drop connection-state=new protocol=tcp in-interface=ether1 dst-port=123 log=no log-prefix=" "
, www and winbox
3. Attach the rule with connection state established to the input chain from the external interface, and drop the rest exactly as in the article
wiki.mikrotik.com/wiki/Securing_New_RouterOs_Router
add chain=input connection-state=established action=accept comment="accept established connection packets" disabled=no in-interface=ether1
add chain=input connection-state=related action=accept comment="accept related connection packets" disabled=no in-interface=ether1
add chain=input connection-state=invalid action=drop comment="drop invalid packets" disabled=no in-interface=ether1

Systemshik, 2015-11-30
@Systemshik

Thanks, it worked out; it remains to ask the provider if everything is fine. Just changed the code:
/ip firewall filter add chain=input action=drop connection-state=new protocol=udp in-interface=ether1 dst-port=53 log=no log-prefix=" "
/ip firewall filter add chain=input action=drop connection-state=new protocol=tcp in-interface=ether1 dst-port=53 log=no log-prefix=" "

Nikita Sizov, 2015-11-30
@sizaik

Colleagues, why not close everything at all, leaving only what is absolutely necessary - say, external control via Winbox, if you use it?
/ip firewall filter add chain=input action=accept connection-state=new protocol=tcp in-interface=ether1 dst-port=8219 log=no log-prefix=" "
/ip firewall filter add chain=input action=accept connection-state=established in-interface=ether1 log=no log-prefix=" "
/ip firewall filter add chain=input action=drop connection-state=new in-interface=ether1
