is there any possibility of adding someone who is trying to guess passwords to the mikrotik router to an address list so they can be dropped. I am getting a lot of people trying to guess ssh and ftp passwords and its filling up my log and annoying me.
Thank you
There is no exact option to deny users, who trying to gues passwords for the router.
there are alternative ways,
- to restrict acces to the router, allow only trusted users to access router (modify chain=input);
- change ports for SSH and FTP application in ‘ip service’ (or allow specific port for specific users);
- limit number of TCP connections per user (that connecting to the router), add to black list who exceed this limit (check firewall rules at demo2.mt.lv ).
I just add this rule to my router to exclude all ssh connections from outside of our network. I setup an “address list” with all my subnets along with this rule:
/ip firewall filter
add chain=input protocol=tcp dst-port=22 src-address-list=!local-addresses action=drop comment=“Only allow ssh from our
network” disabled=no
Eric
Thank you for the suggestions. thats kinda what i thought. Sure would be a nice feature to have. When the PSD option came along i was hoping for some type of incorrect password rule.
Thank you