Firewall rules (Incomming port 1. WAN port): 1. allow SSH TCP port 22 from ip xxx.yyy.aaa.bbb 2. Deny all incomming
I also got the basic rules for accept for state established and related. Nothing else is allowed on incomming on this machine.
Service list for ssh is allow all.
So far so good. When i test from several external ips nothing happen. I cant get in. Thats expected right. I can get in from ip xxx.yyy.aaa.bbb and that is ok aswell.
BUT.
Every now and then i can see this in logs: 09:16:18 system,error,critical login failure for user root from aaa.bbb.ccc.ddd via ssh 09:16:22 system,error,critical login failure for user root from aaa.bbb.ccc.ddd via ssh 09:16:26 system,error,critical login failure for user root from aaa.bbb.ccc.ddd via ssh
How the heck can someone get in at all?
Does Ip service list sometimes go before firewall rules and sometimes not? What have i missed? The router itself is fresh installed and this happens.
edit: Some info about the system: RB750 running at v5.13
Last edited by daromer on Tue Feb 28, 2012 11:31 am, edited 2 times in total.
_________________ Nick ShoreMTCNAMTCWEMTCREMTCINE LinITX.com - MultiThread Consultants Get your MikroTik RBs and Training: http://linitx.com/category/166 Official UK MikroTik Distributor IRC chan: #routerboard on irc.z.je (IPv4) or 6.irc.z.je (IPv6)
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot post attachments in this forum
Login |
HOME
