Secure Mikrotik from Bruteforce

Network

Assalamualaikum

Hari ini saya pingin nulis tentang mengamankan mikrotik dari bruteforce. Karena mikrotik kantor sedang kena bruteforce, sampai saat tulisan ini saya bikin. Ok script ini saya dapat dari link ini, so thanks a lot for your sharing roger!

/ip firewall filter add chain=input protocol=tcp dst-port=21-23 src-address-list=blacklist-address action=drop comment=”TELNET FTP SSH Bruteforce Filter”

/ip firewall filter add chain=input protocol=tcp dst-port=21-23 connection-state=new src-address-list=stage-3 action=add-src-to-address-list address-list=blacklist-address address-list-timeout=10d

/ip firewall filter add chain=input protocol=tcp dst-port=21-23 connection-state=new src-address-list=stage-2 action=add-src-to-address-list address-list=stage-3 address-list-timeout=1m

/ip firewall filter add chain=input protocol=tcp dst-port=21-23 connection-state=new src-address-list=stage-1 action=add-src-to-address-list address-list=stage-2 address-list-timeout=1m

/ip firewall filter add chain=input protocol=tcp dst-port=21-23 connection-state=new action=add-src-to-address-list address-list=stage-1 address-list-timeout=1m

Jadi kenapa saya pilih menerapkan metode ini, karena menurut saya untuk FTP, SSH bisa di disable servicenya. Namun untuk winbox itu kayaknya perlu diamankan deh. So, thank you for visiting! I hope you are get what you want.

Source :
http://www.dimasrio.com/2015/04/block-telnet-ssh-ftp-bruteforce-mikrotik.html

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s