If there is any attack is coming to your network and if there are many unnecessary connection has been established then enable some enhanced security features of mikrotik .Like
1-Drop the DNS request from your WAN interface
2-Drop all the invalid TCP sessions in your mirkotik .
3-Remove the check option from "Allow Remote Request inside your IP>DNS"
Open Terminal and Paste below rule
/ip firewall filter
add chain=forward connection-state=new action=jump jump-target=block-ddos
add chain=forward connection-state=new src-address-list=ddoser dst-address-list=ddosed action=drop
add chain=block-ddos dst-limit=50,50,src-and-dst-addresses/10s action=return
add chain=block-ddos action=add-dst-to-address-list address-list=ddosed address-list-timeout=10m
add chain=block-ddos action=add-src-to-address-list address-list=ddoser address-list-timeout=10m
1-Drop the DNS request from your WAN interface
2-Drop all the invalid TCP sessions in your mirkotik .
3-Remove the check option from "Allow Remote Request inside your IP>DNS"
Open Terminal and Paste below rule
/ip firewall filter
add chain=forward connection-state=new action=jump jump-target=block-ddos
add chain=forward connection-state=new src-address-list=ddoser dst-address-list=ddosed action=drop
add chain=block-ddos dst-limit=50,50,src-and-dst-addresses/10s action=return
add chain=block-ddos action=add-dst-to-address-list address-list=ddosed address-list-timeout=10m
add chain=block-ddos action=add-src-to-address-list address-list=ddoser address-list-timeout=10m
