Firewall that blocks all incoming connections

Hello,

Now I’m configuring the firewall on my RB433AH. I have found a lot of good topics and FAQs on it. But my question is: is it enough to make the last rule in the firewall one that just drops all incoming connections on the WAN port? For example, I make some accept rules first and the last rule blocks everything else. Maybe creating separate blocking rules has some advantages? Can you describe this situation a little bit: a lot of different blocking rules vs. one rule that blocks all.
Thanks in advance.

I think it’s more secure to allow certain things, and then block everything else. On the other hand, this way you could block something that you forgot to allow.

This is why there are action=log rules! :) I agree with Normis, though. Permit specific traffic and drop everything else. Just be sure you properly identify the traffic that you NEED to work for the input chain.

I learned a lot from Greg’s video on the subject.

http://forum.mikrotik.com/t/basic-mikrotik-training-videos-free-update-03-15-2010/33665/1
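
The rule order discussed in this thread (specific accepts, then a log rule, then one final drop on the input chain), written out as a RouterOS filter configuration. This is an added example, not taken from any post; the WAN interface name `ether1`, the admin address `192.0.2.10` and the choice of Winbox (TCP 8291) as the permitted service are assumptions.

```routeros
# Added example. Assumptions: ether1 is the WAN port, 192.0.2.10 is the
# only host allowed to manage the router from outside (constructed address).
# Rules are matched top to bottom; the first terminating action wins.
/ip firewall filter

# 1. Replies to connections the router itself opened (DNS, NTP, updates).
add chain=input connection-state=established action=accept \
    comment="established"
add chain=input connection-state=related action=accept \
    comment="related"

# 2. Packets that do not belong to any known connection state.
add chain=input connection-state=invalid action=drop \
    comment="invalid"

# 3. The traffic you actually NEED on the input chain. Keep this list
#    short and as narrow as possible (interface, protocol, port, source).
add chain=input protocol=icmp action=accept \
    comment="ICMP"
add chain=input in-interface=ether1 protocol=tcp dst-port=8291 \
    src-address=192.0.2.10 action=accept \
    comment="Winbox from admin host only"

# 4. Log whatever is left. action=log does not stop processing, so the
#    packet continues to the next rule. Check the log for "wan-drop"
#    entries to find anything you forgot to allow.
add chain=input in-interface=ether1 action=log log-prefix="wan-drop" \
    comment="log before final drop"

# 5. The single catch-all: everything from WAN not accepted above.
add chain=input in-interface=ether1 action=drop \
    comment="drop all other WAN input"
```

The log rule has to sit directly before the final drop; placed after it, it would never be reached.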

Thank you for the answers and good links!