SKFREE

Mikrotik™ Podpora - ako zablokovat ip

marekh - 18.04.2013 - 20:55
Post subject: ako zablokovat ip
Poradite mi ako sa da na mikrotiku zablokovat IP ktora sa stale snazi pripojit cez ssh ?
lukic - 18.04.2013 - 20:56
Post subject:
ip firewall filter add src-address=<taipcochcesblokovat> chain=input action=drop
JOFO - 19.04.2013 - 08:35
Post subject:
poradim ti fintu, ako odfiltrovat spam aby si sa o to uz nemusal starat.. takychto spamerov je denne niekolko a zakazdym pridavat nove ipcky do listu je nepohodlne...

hod si do firewallu tieto 3 pravidla... (/ip firewall filter)
Code: › chain=input action=drop protocol=tcp src-address-list=BlockSSHSpam dst-port=22
chain=input action=add-src-to-address-list connection-state=new protocol=tcp src-address-list=SSH_BF2 address-list=BlockSSHSpam address-list-timeout=1w3d dst-port=22
chain=input action=add-src-to-address-list connection-state=new protocol=tcp src-address-list=SSH_BF1 address-list=SSH_BF2 address-list-timeout=10s dst-port=22
chain=input action=add-src-to-address-list connection-state=new protocol=tcp address-list=SSH_BF1 address-list-timeout=10s dst-port=22

Timeouty si mozes pomenit podla potrieb. Toto ti bude generovat address-list so spamermi a kazdy, kto sa behom 20 sekund pokusi 3x pripojit na porte 22 bude na 10 dni pridany do blacklistu. Pravidla musia byt v uvedenom poradi, aby to spravne fungovalo, takze vkladat odzadu alebo potom zmenit poradie cez winbox...
michal321 - 23.04.2013 - 17:14
Post subject:
Podla mňa úplne jednoducho staci spraviť
IP -> Services
a zmeniť port na ssh Smile napr 2022
pedro4444 - 24.04.2013 - 08:25
Post subject:
michal321 wrote: ›Podla mňa úplne jednoducho staci spraviť
IP -> Services
a zmeniť port na ssh Smile napr 2022


mas vseliakych robotov ktory prehliadaju a skusaju na ako porte sa nachadza ssh a tym padom ti stale zatazuje tvoju masinu lepsi sposob ako tu uz bol spominany tri razy a dovidenia nech uz neotravuyje moj CPU Smile))
Thomas - 24.04.2013 - 10:16
Post subject:
alebo port knocking.
All times are GMT
Powered by PNphpBB2 © 2003-2005 The PNphpBB Group
Credits