How to block multiple logins

RouterOS General
1

Hi,

Is there any rule to add multiple logins via ftp to a black-list address list? From time-to-time, I had some of these kind of logins, and they use different ip addresses every time.

14:12:24 system,error,critical login failure for user Administrator from 61.133.95.247 via ftp
14:12:26 system,error,critical login failure for user Administrator from 61.133.95.247 via ftp
14:12:27 system,error,critical login failure for user Administrator from 61.133.95.247 via ftp
14:12:28 system,error,critical login failure for user Administrator from 61.133.95.247 via ftp
14:12:34 system,error,critical login failure for user Administrator from 61.133.95.247 via ftp
14:12:34 system,error,critical login failure for user Administrator from 61.133.95.247 via ftp
14:12:37 system,error,critical login failure for user Administrator from 61.133.95.247 via ftp
14:12:38 system,error,critical login failure for user Administrator from 61.133.95.247 via ftp
14:12:40 system,error,critical login failure for user Administrator from 61.133.95.247 via ftp
14:12:41 system,error,critical login failure for user Administrator from 61.133.95.247 via ftp
14:12:42 system,error,critical login failure for user Administrator from 61.133.95.247 via ftp
14:12:44 system,error,critical login failure for user Administrator from 61.133.95.247 via ftp
14:12:46 system,error,critical login failure for user Administrator from 61.133.95.247 via ftp
14:12:47 system,error,critical login failure for user Administrator from 61.133.95.247 via ftp
14:12:51 system,error,critical login failure for user Administrator from 61.133.95.247 via ftp
14:12:52 system,error,critical login failure for user Administrator from 61.133.95.247 via ftp

Please advise.[/img]

2

keep your router login from …
and manage your router at submenu ‘/ip service’

regards
Hasbullah.com

3

allow connections to the router only from known IPs, also change the service ports, as balimore suggested

4

Thanks, done that.

I thought there is a known filter rule to capture this kind of traffic, and add it to a list automatically.

:rherry

5

they will stop working by themself, when you have stronge secure login from..
here we use one way only…don’t make many ways. it’s basic secure…!!!

regards
Hasbullah.com