Blog
Dive deep into MikroTik's RouterBoards and RouterOS. We keep you informed and up-to-date, always.
Blog
Dive deep into MikroTik's RouterBoards and RouterOS. We keep you informed and up-to-date, always.
Author
Every post is penned by our certified MikroTik engineers, ensuring relevance and accuracy in every word.
Feedback
Your insights drive our content. Sharing knowledge, we elevate the MikroTik community in Canada together.
Secure the Network, No Sweat!
Discussions on network security are omnipresent and never-ending! No matter how much you talk about them, there's still much to be covered.
However, with a few simple steps, you can take control of all ongoing traffic and make sure a network hardware never falls victim to unexpected attacks.
Missed the DDoS attack tutorial?
Check it below!
Connection States as Security Indicators
From the viewpiont of connections states, all network connections in RouterOS can be divided into stateful and stateless connections. Those of the former type bear a connection state that are of five kinds, namely New, Established, Related, Invalid and Untracked. These connection states can be used for easy identification and filtering of different types of traffic.
Watch the three tutorials below one by one and learn how you can capitalize on these connection identity elements to monitor, control and, if need be, stop network traffic.
1. New & Established Connections
When a connection is created, the very first connection between your host and destination will bear the new connection state. If that very first packet is accepted, that connection will be registered in your router's Connections Table and all subsequent packets for that specific connection will be regarded as established connections.
In this tutorial, we will go over the behavior of new and established connections and see how you can make changes in your connection timeouts in order to use these connection states and help the router distinguish trusted networks from others.
2. Invalid Connections
Invalid connections are those that either cannot be identified by the router or do not have a known connection state. Therefore, since they can hardly be identified, the suggested standard practice is to drop all invalid connections for the sake of your device and network.
Invalid traffic can also include DoS/DDoS attacks and various other types of malicious activities. In this tutorial, we learn what invalid connections are and in the first few minutes of Part 3, we learn how to specifically target invalid WAN connections in order to keep our network clear.
Join +1000 MikroTik enthusiasts, subscribe today, and never miss a tutorial!
3. Related Connections
Related connections are connections that, as their suggests, are relted to, but not a part of, an already established connection. In other words, based on its type, an existing established can spawn a related connection that will work in conjunction with that main established connection.
In this tutorial, you will learn how related connections work with the example of the File Transfer Protocol. When you log into your device with an FTP connection, that login connection will be your established connection. However, when you wish to transfer files, a related connection will be spawned to conduct that transfer.
Need Training?
MikroTik experts are highly sought-after in many different industries, and with a little hard work, you can easily become a certified MikroTik engineer capable of conducting various basic and professional network management operations.
If you're interested, check out all available courses and enroll today! It's time to broaden that horizon and create new opportunities for yourself!
MikroTik News