cut off all access but winbox

snowpro · August 21, 2012, 11:59pm

I have a 450G as main router
I see in log that there are many attempted log in’s from telnet and ssh. Addresses from all over the world.
I found a script that locks them out after 3 attempts (Stage 1,2,3 then blacklist)
I already have about 30 addresses in blacklist (two weeks of use)

Is there something better I can do to restrict access to myself only

I only need winbox access

cbrown · August 22, 2012, 12:35am

You can turn off unneeded services in /ip services if you don’t need them.

snowpro · August 23, 2012, 8:14pm

thanks: I blocked ssh and telnet (disabled in ip services) and yet I still got an
address show up on blacklist (attempt log in ssh)

How can that be

lordkappa · August 25, 2012, 12:53am

Firewall rules still run, even if there is no service listening on that port.