SlideShare a Scribd company logo

How to Prevent DNS Attacks on MikroTik.pdf

A
AkashaC1

How to Prevent DNS Attacks on MikroTik

Technology
1 of 20
Download to read offline
How to Prevent DNS Attacks on MikroTik 2022/4/4
設定WAN IP位址 讓MikroTik成為一個Caching DNS Server 2
設定該Interface的IP 3.3.3.3/24 3
4
表示該MikroTik對外提供DNS查詢服務。 使MikroTik成為一個Caching DNS Server。 同時,WAN的IP開放提供DNS網域查詢服務, 因此也稱為”開放式DNS遞迴解析伺服器” (Open DNS Recursive Resolver或 DNS Recursor), 如:Google的8.8.8.8。 8.8.8.8 8.8.4.4 5
測試 ping youtube.com 6
7
8
9
隱憂 10
易造成 • DNS 快取記憶體中毒 (DNS cache poisoning) • DNS 反射/放大攻擊 (DNS Reflection/Amplification Attack) • DNS洪水攻擊 (DNS Flood Attack) • ….等 11
設定防火牆預防DNS攻擊 12
13
14
15
16
17 新增的兩個防火牆規則
測試ping google.com和youtube.com 18
19 完成
參考資料 • CLOUDFLARE DNS放大攻擊 • CLOUDFLARE DNS 快取記憶體中毒 • CLOUDFLARE DNS 伺服器有哪些不同類型? • 清華大學 Open DNS resolver 的問題 • open DNS resolver測試網站 20

Recommended

Config RouterOS openVPN.pdf
Config RouterOS openVPN.pdfConfig RouterOS openVPN.pdf
Config RouterOS openVPN.pdfAkashaC1
 
联想网御千兆防火墙
联想网御千兆防火墙联想网御千兆防火墙
联想网御千兆防火墙cnliutao
 
使用Nginx轻松实现开源负载均衡——对外版
使用Nginx轻松实现开源负载均衡——对外版使用Nginx轻松实现开源负载均衡——对外版
使用Nginx轻松实现开源负载均衡——对外版pigso
 
使用Nginx轻松实现开源负载均衡
使用Nginx轻松实现开源负载均衡使用Nginx轻松实现开源负载均衡
使用Nginx轻松实现开源负载均衡guest2d0fe3
 
使用Nginx轻松实现开源负载均衡
使用Nginx轻松实现开源负载均衡使用Nginx轻松实现开源负载均衡
使用Nginx轻松实现开源负载均衡Cary Yang
 
Nginx+常见应用技术指南
Nginx+常见应用技术指南Nginx+常见应用技术指南
Nginx+常见应用技术指南andy54321
 
实时消息推送系统
实时消息推送系统实时消息推送系统
实时消息推送系统Yi Feng Yang
 
翻墙方案分享
翻墙方案分享翻墙方案分享
翻墙方案分享henix
 

Recommended

Config RouterOS openVPN.pdf
Config RouterOS openVPN.pdfConfig RouterOS openVPN.pdf
Config RouterOS openVPN.pdfAkashaC1
 
联想网御千兆防火墙
联想网御千兆防火墙联想网御千兆防火墙
联想网御千兆防火墙cnliutao
 
使用Nginx轻松实现开源负载均衡——对外版
使用Nginx轻松实现开源负载均衡——对外版使用Nginx轻松实现开源负载均衡——对外版
使用Nginx轻松实现开源负载均衡——对外版pigso
 
使用Nginx轻松实现开源负载均衡
使用Nginx轻松实现开源负载均衡使用Nginx轻松实现开源负载均衡
使用Nginx轻松实现开源负载均衡guest2d0fe3
 
使用Nginx轻松实现开源负载均衡
使用Nginx轻松实现开源负载均衡使用Nginx轻松实现开源负载均衡
使用Nginx轻松实现开源负载均衡Cary Yang
 
Nginx+常见应用技术指南
Nginx+常见应用技术指南Nginx+常见应用技术指南
Nginx+常见应用技术指南andy54321
 
实时消息推送系统
实时消息推送系统实时消息推送系统
实时消息推送系统Yi Feng Yang
 
翻墙方案分享
翻墙方案分享翻墙方案分享
翻墙方案分享henix
 
如何建立IPSEC VPN
如何建立IPSEC VPN如何建立IPSEC VPN
如何建立IPSEC VPNsharetech
 
Elk 1-0831
Elk 1-0831Elk 1-0831
Elk 1-0831Mike Chao
 
Debian Policy - 5.6.12 Version
Debian Policy - 5.6.12 VersionDebian Policy - 5.6.12 Version
Debian Policy - 5.6.12 VersionShih-Yuan Lee
 
ZeroMQ简介
ZeroMQ简介ZeroMQ简介
ZeroMQ简介Xu Wang
 
Windows 10 install mysql 8.0.16
Windows 10 install mysql 8.0.16Windows 10 install mysql 8.0.16
Windows 10 install mysql 8.0.16songwenxuan2020
 
基于Tornado后端系统架构暨最佳实践
基于Tornado后端系统架构暨最佳实践基于Tornado后端系统架构暨最佳实践
基于Tornado后端系统架构暨最佳实践ZY Zhang
 
为什么上网浏览要用Shadowsocks?
为什么上网浏览要用Shadowsocks?为什么上网浏览要用Shadowsocks?
为什么上网浏览要用Shadowsocks?zzzzzz gg
 
文献Vpn使用简介和入门
文献Vpn使用简介和入门文献Vpn使用简介和入门
文献Vpn使用简介和入门BEIJING DREAMS CONSULTANCY CO.,LTD
 
OpenStack Neutron Introduction
OpenStack Neutron IntroductionOpenStack Neutron Introduction
OpenStack Neutron IntroductionLiang Bo
 
Ubuntu 下安装 svn 服务器
Ubuntu 下安装 svn 服务器Ubuntu 下安装 svn 服务器
Ubuntu 下安装 svn 服务器wensheng wei
 
Container Security
Container SecurityContainer Security
Container SecurityLinuxCon ContainerCon CloudOpen China
 
网络攻击与防御-tseek
网络攻击与防御-tseek网络攻击与防御-tseek
网络攻击与防御-tseekhamaci
 
看14頁 ssl-vpn-20101006
看14頁 ssl-vpn-20101006看14頁 ssl-vpn-20101006
看14頁 ssl-vpn-20101006Bo-Yaun Hsu
 
Oracle enterprise manager cloud control 12c release 5 installation on oracle ...
Oracle enterprise manager cloud control 12c release 5 installation on oracle ...Oracle enterprise manager cloud control 12c release 5 installation on oracle ...
Oracle enterprise manager cloud control 12c release 5 installation on oracle ...Zhaoyang Wang
 
Syslog Ng
Syslog NgSyslog Ng
Syslog Ngflytod
 
Vitualbox
VitualboxVitualbox
Vitualboxfengxiaoqiang
 
Track2 -刘继伟--openstack in gamewave
Track2 -刘继伟--openstack in gamewaveTrack2 -刘继伟--openstack in gamewave
Track2 -刘继伟--openstack in gamewaveOpenCity Community
 
构建ActionScript游戏服务器,支持超过15000并发连接
构建ActionScript游戏服务器,支持超过15000并发连接 构建ActionScript游戏服务器,支持超过15000并发连接
构建ActionScript游戏服务器,支持超过15000并发连接 Renaun Erickson
 
Python小团队不妨知道的技术
Python小团队不妨知道的技术Python小团队不妨知道的技术
Python小团队不妨知道的技术jie.wang
 
AR Implementation 1 2016.10.20
AR Implementation 1 2016.10.20AR Implementation 1 2016.10.20
AR Implementation 1 2016.10.20AkashaC1
 
AR Implementation 2
AR Implementation 2AR Implementation 2
AR Implementation 2AkashaC1
 
Post article to KM with Python
Post article to KM with PythonPost article to KM with Python
Post article to KM with PythonAkashaC1
 

More Related Content

What's hot

如何建立IPSEC VPN
如何建立IPSEC VPN如何建立IPSEC VPN
如何建立IPSEC VPNsharetech
 
Debian Policy - 5.6.12 Version
Debian Policy - 5.6.12 VersionDebian Policy - 5.6.12 Version
Debian Policy - 5.6.12 VersionShih-Yuan Lee
 
ZeroMQ简介
ZeroMQ简介ZeroMQ简介
ZeroMQ简介Xu Wang
 
Windows 10 install mysql 8.0.16
Windows 10 install mysql 8.0.16Windows 10 install mysql 8.0.16
Windows 10 install mysql 8.0.16songwenxuan2020
 
基于Tornado后端系统架构暨最佳实践
基于Tornado后端系统架构暨最佳实践基于Tornado后端系统架构暨最佳实践
基于Tornado后端系统架构暨最佳实践ZY Zhang
 
为什么上网浏览要用Shadowsocks?
为什么上网浏览要用Shadowsocks?为什么上网浏览要用Shadowsocks?
为什么上网浏览要用Shadowsocks?zzzzzz gg
 
OpenStack Neutron Introduction
OpenStack Neutron IntroductionOpenStack Neutron Introduction
OpenStack Neutron IntroductionLiang Bo
 
Ubuntu 下安装 svn 服务器
Ubuntu 下安装 svn 服务器Ubuntu 下安装 svn 服务器
Ubuntu 下安装 svn 服务器wensheng wei
 
网络攻击与防御-tseek
网络攻击与防御-tseek网络攻击与防御-tseek
网络攻击与防御-tseekhamaci
 
看14頁 ssl-vpn-20101006
看14頁 ssl-vpn-20101006看14頁 ssl-vpn-20101006
看14頁 ssl-vpn-20101006Bo-Yaun Hsu
 
Oracle enterprise manager cloud control 12c release 5 installation on oracle ...
Oracle enterprise manager cloud control 12c release 5 installation on oracle ...Oracle enterprise manager cloud control 12c release 5 installation on oracle ...
Oracle enterprise manager cloud control 12c release 5 installation on oracle ...Zhaoyang Wang
 
Syslog Ng
Syslog NgSyslog Ng
Syslog Ngflytod
 
Track2 -刘继伟--openstack in gamewave
Track2 -刘继伟--openstack in gamewaveTrack2 -刘继伟--openstack in gamewave
Track2 -刘继伟--openstack in gamewaveOpenCity Community
 
构建ActionScript游戏服务器,支持超过15000并发连接
构建ActionScript游戏服务器,支持超过15000并发连接 构建ActionScript游戏服务器,支持超过15000并发连接
构建ActionScript游戏服务器,支持超过15000并发连接 Renaun Erickson
 
Python小团队不妨知道的技术
Python小团队不妨知道的技术Python小团队不妨知道的技术
Python小团队不妨知道的技术jie.wang
 

What's hot (19)

如何建立IPSEC VPN
如何建立IPSEC VPN如何建立IPSEC VPN
如何建立IPSEC VPN
 
Elk 1-0831
Elk 1-0831Elk 1-0831
Elk 1-0831
 
Debian Policy - 5.6.12 Version
Debian Policy - 5.6.12 VersionDebian Policy - 5.6.12 Version
Debian Policy - 5.6.12 Version
 
ZeroMQ简介
ZeroMQ简介ZeroMQ简介
ZeroMQ简介
 
Windows 10 install mysql 8.0.16
Windows 10 install mysql 8.0.16Windows 10 install mysql 8.0.16
Windows 10 install mysql 8.0.16
 
基于Tornado后端系统架构暨最佳实践
基于Tornado后端系统架构暨最佳实践基于Tornado后端系统架构暨最佳实践
基于Tornado后端系统架构暨最佳实践
 
为什么上网浏览要用Shadowsocks?
为什么上网浏览要用Shadowsocks?为什么上网浏览要用Shadowsocks?
为什么上网浏览要用Shadowsocks?
 
文献Vpn使用简介和入门
文献Vpn使用简介和入门文献Vpn使用简介和入门
文献Vpn使用简介和入门
 
OpenStack Neutron Introduction
OpenStack Neutron IntroductionOpenStack Neutron Introduction
OpenStack Neutron Introduction
 
Ubuntu 下安装 svn 服务器
Ubuntu 下安装 svn 服务器Ubuntu 下安装 svn 服务器
Ubuntu 下安装 svn 服务器
 
Container Security
Container SecurityContainer Security
Container Security
 
网络攻击与防御-tseek
网络攻击与防御-tseek网络攻击与防御-tseek
网络攻击与防御-tseek
 
看14頁 ssl-vpn-20101006
看14頁 ssl-vpn-20101006看14頁 ssl-vpn-20101006
看14頁 ssl-vpn-20101006
 
Oracle enterprise manager cloud control 12c release 5 installation on oracle ...
Oracle enterprise manager cloud control 12c release 5 installation on oracle ...Oracle enterprise manager cloud control 12c release 5 installation on oracle ...
Oracle enterprise manager cloud control 12c release 5 installation on oracle ...
 
Syslog Ng
Syslog NgSyslog Ng
Syslog Ng
 
Vitualbox
VitualboxVitualbox
Vitualbox
 
Track2 -刘继伟--openstack in gamewave
Track2 -刘继伟--openstack in gamewaveTrack2 -刘继伟--openstack in gamewave
Track2 -刘继伟--openstack in gamewave
 
构建ActionScript游戏服务器,支持超过15000并发连接
构建ActionScript游戏服务器,支持超过15000并发连接 构建ActionScript游戏服务器,支持超过15000并发连接
构建ActionScript游戏服务器,支持超过15000并发连接
 
Python小团队不妨知道的技术
Python小团队不妨知道的技术Python小团队不妨知道的技术
Python小团队不妨知道的技术
 

More from AkashaC1

AR Implementation 1 2016.10.20
AR Implementation 1 2016.10.20AR Implementation 1 2016.10.20
AR Implementation 1 2016.10.20AkashaC1
 
AR Implementation 2
AR Implementation 2AR Implementation 2
AR Implementation 2AkashaC1
 
Post article to KM with Python
Post article to KM with PythonPost article to KM with Python
Post article to KM with PythonAkashaC1
 
2018 Week 7 Data Analysis
2018 Week 7 Data Analysis2018 Week 7 Data Analysis
2018 Week 7 Data AnalysisAkashaC1
 
2018 Week 5 DHT11
2018 Week 5 DHT112018 Week 5 DHT11
2018 Week 5 DHT11AkashaC1
 
2018 Week 4 PIR
2018 Week 4 PIR2018 Week 4 PIR
2018 Week 4 PIRAkashaC1
 
2018 Week 15 Speech Recognition
2018 Week 15 Speech Recognition2018 Week 15 Speech Recognition
2018 Week 15 Speech RecognitionAkashaC1
 
2018 Week 15 Speaker
2018 Week 15 Speaker2018 Week 15 Speaker
2018 Week 15 SpeakerAkashaC1
 
2018 Week 14 HC-SR04
2018 Week 14 HC-SR042018 Week 14 HC-SR04
2018 Week 14 HC-SR04AkashaC1
 
2018 Week 13 Servo Motor
2018 Week 13 Servo Motor2018 Week 13 Servo Motor
2018 Week 13 Servo MotorAkashaC1
 
2018 Week 12 Data Storage and Visualization
2018 Week 12 Data Storage and Visualization2018 Week 12 Data Storage and Visualization
2018 Week 12 Data Storage and VisualizationAkashaC1
 
2018 Week 11 Bluetooth and Wi-Fi
2018 Week 11 Bluetooth and Wi-Fi2018 Week 11 Bluetooth and Wi-Fi
2018 Week 11 Bluetooth and Wi-FiAkashaC1
 
2018 Week 10 Read Time Data Sending
2018 Week 10 Read Time Data Sending2018 Week 10 Read Time Data Sending
2018 Week 10 Read Time Data SendingAkashaC1
 
2018 Week 10 IoT and Robot
2018 Week 10 IoT and Robot2018 Week 10 IoT and Robot
2018 Week 10 IoT and RobotAkashaC1
 
2018 Week 8 Relay
2018 Week 8 Relay2018 Week 8 Relay
2018 Week 8 RelayAkashaC1
 
2018 Week 8 IoT and Wearable Devices
2018 Week 8 IoT and Wearable Devices2018 Week 8 IoT and Wearable Devices
2018 Week 8 IoT and Wearable DevicesAkashaC1
 
2018 Week 7 Photoresistor
2018 Week 7 Photoresistor2018 Week 7 Photoresistor
2018 Week 7 PhotoresistorAkashaC1
 
2018 Week 16 Computer Vision
2018 Week 16 Computer Vision2018 Week 16 Computer Vision
2018 Week 16 Computer VisionAkashaC1
 
2018 Week 4 Data Storage
2018 Week 4 Data Storage2018 Week 4 Data Storage
2018 Week 4 Data StorageAkashaC1
 
2018 Week 3 Sending and Processing Data
2018 Week 3 Sending and Processing Data2018 Week 3 Sending and Processing Data
2018 Week 3 Sending and Processing DataAkashaC1
 

More from AkashaC1 (20)

AR Implementation 1 2016.10.20
AR Implementation 1 2016.10.20AR Implementation 1 2016.10.20
AR Implementation 1 2016.10.20
 
AR Implementation 2
AR Implementation 2AR Implementation 2
AR Implementation 2
 
Post article to KM with Python
Post article to KM with PythonPost article to KM with Python
Post article to KM with Python
 
2018 Week 7 Data Analysis
2018 Week 7 Data Analysis2018 Week 7 Data Analysis
2018 Week 7 Data Analysis
 
2018 Week 5 DHT11
2018 Week 5 DHT112018 Week 5 DHT11
2018 Week 5 DHT11
 
2018 Week 4 PIR
2018 Week 4 PIR2018 Week 4 PIR
2018 Week 4 PIR
 
2018 Week 15 Speech Recognition
2018 Week 15 Speech Recognition2018 Week 15 Speech Recognition
2018 Week 15 Speech Recognition
 
2018 Week 15 Speaker
2018 Week 15 Speaker2018 Week 15 Speaker
2018 Week 15 Speaker
 
2018 Week 14 HC-SR04
2018 Week 14 HC-SR042018 Week 14 HC-SR04
2018 Week 14 HC-SR04
 
2018 Week 13 Servo Motor
2018 Week 13 Servo Motor2018 Week 13 Servo Motor
2018 Week 13 Servo Motor
 
2018 Week 12 Data Storage and Visualization
2018 Week 12 Data Storage and Visualization2018 Week 12 Data Storage and Visualization
2018 Week 12 Data Storage and Visualization
 
2018 Week 11 Bluetooth and Wi-Fi
2018 Week 11 Bluetooth and Wi-Fi2018 Week 11 Bluetooth and Wi-Fi
2018 Week 11 Bluetooth and Wi-Fi
 
2018 Week 10 Read Time Data Sending
2018 Week 10 Read Time Data Sending2018 Week 10 Read Time Data Sending
2018 Week 10 Read Time Data Sending
 
2018 Week 10 IoT and Robot
2018 Week 10 IoT and Robot2018 Week 10 IoT and Robot
2018 Week 10 IoT and Robot
 
2018 Week 8 Relay
2018 Week 8 Relay2018 Week 8 Relay
2018 Week 8 Relay
 
2018 Week 8 IoT and Wearable Devices
2018 Week 8 IoT and Wearable Devices2018 Week 8 IoT and Wearable Devices
2018 Week 8 IoT and Wearable Devices
 
2018 Week 7 Photoresistor
2018 Week 7 Photoresistor2018 Week 7 Photoresistor
2018 Week 7 Photoresistor
 
2018 Week 16 Computer Vision
2018 Week 16 Computer Vision2018 Week 16 Computer Vision
2018 Week 16 Computer Vision
 
2018 Week 4 Data Storage
2018 Week 4 Data Storage2018 Week 4 Data Storage
2018 Week 4 Data Storage
 
2018 Week 3 Sending and Processing Data
2018 Week 3 Sending and Processing Data2018 Week 3 Sending and Processing Data
2018 Week 3 Sending and Processing Data
 

How to Prevent DNS Attacks on MikroTik.pdf