hello I am using MT on pc (2.9)
i have bridged my router to the MT pc and since then i have got under alot of ssh brute attacks .some of them made the router system stop responding and no access through winbox .
I have used drop ssh brute forces rule but it didn’t help alot .
what can i do ?
Check the wiki, there are example for brute force attack on ssh
Max
i have added them to my firewall earlier and i think that the attacker succeded to enter my router .
the router was no more working and lan connection showed limited or no connectivity .
when i restarted the router it continued to do restart more that 6 times and each time show loading the kernal and then restart .
now when i checked my firewall rules i found that it was restored to an earlier settings and deleted filters found that it restored back .
pls somebody help and what is need for proper securing my MT system ?
thx in advance .
http://wiki.mikrotik.com/wiki/Bruteforce_login_prevention
Also make sure you add a new admin user with a different login name, and a long password. disable the original Admin user. Make sure you allow access to your router (Firewall rules in the Input chain) only from trusted IP addresses.