hi.
how can i get ride of illegal login !?
in log i see this messages almost every day!
login failure for user root from “ip address” via telnet.
login failure for user root from “ip address” via ssh.
the best way and recommended method is to DISABLE all services which are not in used.
Specially TELNET/SSH/FTP/API/WWW
make sure you change default port in all services, protect your router by firewall rules,
another approach is to create mangle rules which keep check on ssh/telnet services and if it founds more hits in specific timings, then it can add those attackers ips in a temporary list which is blocked by FILTER rules.
Some guides for startup
http://aacable.wordpress.com/2011/08/15/mikrotik-howto-prevent-mt-host-from-invalid-login-attempts-from-lanwan-users/
http://wiki.mikrotik.com/wiki/Securing_your_router
http://wiki.mikrotik.com/wiki/Securing_New_RouterOs_Router
Disable all extra services and use firewall to secure others. Also using vpn or port knocking.
Sent from my SCH-I545 using Tapatalk