'sniff - generates a tzsp stream that can be directed to any Wireshark (Ethereal) server'
The simplest solution in my case is to create a Virtual machine with routerOS demo license and use that as the server.
streaming-server (IP address; default: 0.0.0.0) - Tazmen Sniffer Protocol (TZSP) stream receiver
I have developed an IDS/IPS system for RouterOS.
It is here : http://sourceforge.net/projects/mt-fw-attack/
You need a linux machine to compile and run it.
It collects syslog messages from your's routeros device (there are instructions on how to use it) and adds the attackers on an address list which you can use to block them.
Users browsing this forum: No registered users and 16 guests