Dropping in input is fine, but I've seen several blacklists use raw table which would obviously affect forwarded traffic too.I know ... but it input chain is not the same as forward one. You can block access to router but not traffic forwarded to/from users.
You should be dropping such packets anyway. If you add them to a blacklist which blocks all communications from that IP, then you block legitimate services if someone spoofs them.Why blocking access to router is bad idea? Should "popular" addresses try to access our router?
Shifting of the blame onto users... what else are we supposed to use for remote management?!) winbox - fixed vulnerability that allowed to gain access to an unsecured router;
No, that's a different vulnerability in the SMB service.So is this it https://www.securityweek.com/remotely-e ... s-routeros ?
As its over month old post..