hello guys yesterday i have found this new rules in my mikrotik router and i know that someone had access to my router a put this rules there but
could anybody look at the screen shots and tell me what do the rules do and how can i prevent this kind of issues. P. S before this there was no filter rules it was empty. thank you
Hello,
No rules? Your router is an open bar for hackers. Why do you do that?
Forget everything, netinstall and start over.
Sent from my tablet with Tapatalk. Sorry for my typos.
thank you for your reply
I have added this rule on firewall for droping traffic from internet side
add action=drop chain=forward comment=
“defconf: drop all from WAN not DSTNATed” connection-nat-state=!dstnat
connection-state=new in-interface=ether1
since i am a new user of mikrotik, do i need any other basic firewall rules to keep my router safe from hackers.
Hello
Most definitely!
As off now, anybody can telnet/ssh/winbox into your router. Your current rule only prevents traffic going into your lan.
I suggest you take the default config of a basic RB model and study it. The firewall is fairly basic and offers real protection.
Best regards,
Sent from Tapatalk
Also!!
Assume your router is hacked. Netinstall it to be safe.
The netinstall procedure will format everything and you’ll start clean.
Sent from Tapatalk
Be aware that the default config in the latest “stable” version has no firewall either.
http://forum.mikrotik.com/t/default-configuration-is-broken/124435/1