Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Forums2degrees (including Slingshot, Orcon, Flip, Stuff Fibre, MyRepublic, 2talk and Vocus)[Snap] High Latency @ Night
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
chevrolux
4962 posts

Uber Geek
Inactive user


  #1343442 15-Jul-2015 07:49
Send private message

The best thing about Mikrotik is that they come as a blank canvas. No assumptions are made in terms of what configuration is required.
And yea, if you are using it as a local dns server it will listen on ALL interfaces.
First thing to do would be create a 'drop all from wan' rule and then build the required 'accept' rules above that.



sbiddle
30853 posts

Uber Geek

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #1343447 15-Jul-2015 08:09
Send private message

Zeon: Thanks for the help Ralph, I think your suggestion was spot on.

For those interested it looks like our router was running an Open DNS resolver being used in a DNS amplification attack.

When I had got the router I only configured the PPP details and WLAN and presumed that the firewall must be preset but obviously not!

It's a Mikrotik RouterOS device. You could access the web control panel, SSH, telnet - pretty much everything over the WAN interface....


The default Mikrotik router configuration has a drop rule on the Ether1.

It's important if you configure a VLAN10 or use PPPoE that you replicate this rule on the VLAN10 or PPPoE inbound interface.

michaelmurfy
meow
13244 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #1343450 15-Jul-2015 08:17
Send private message

Damn, I didn't ask that since I presumed you would firewall all the ports :)

I personally always run a port scan via GRC Shield's Up to confirm it is firewalled even if I know it is. With some routers it may surprise you.




Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.



Zeon

3916 posts

Uber Geek

Trusted

  #1344690 15-Jul-2015 14:00
Send private message

Yea, my mistake on that presumption! I struggled to use the web-UI on Mikrotik to configure the firewall - it ended up being the command line was actually more user friendly :S




Speedtest 2019-10-14

1 | 2 
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00

eero Pro 7 Review
Posted 23-Jul-2025 12:07

BeeStation Plus Review
Posted 21-Jul-2025 14:21

eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01

WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32

RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26

Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24

Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05

Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01

Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01

Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22

Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46

Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42

D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34

Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







RSS feeds
Main feed
Forums feed
Copyright
©2002-2025 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Affiliate links
Samsung
AliExpress
Wise
Sharesies
GoodSync
Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright