Limit login for an IP over a specific time period.

Is there a way to limit router login attempts by an IP address? If a standard dictionary attack is in progress and the remote computer is sending 1+ attempts per second, is there a filter that can block that particular IP from attempting another login for x amount of time?

I think it is not possible; it is better to drop all unauthorized connections in chain=input. What is the reason to allow access to the router for any host?

We occasionally require access to monitor our WISP from outside our network and we do not know what IP we may be using to access it. We could use port knocking, but I was looking for an option, as I mentioned, to stop the flooding of attacks if we don’t limit access.

It would be nice to have a feature that would be able to add an IP address to a list if x number of failed login attempts occurred. The user could then have the firewall drop or suspend access for x amount of time.

If you disable port 22 and only use winbox for router access, I assume you would not have any problems?


yup...
On the local network I normally used winbox, macWinbox, telnet, mac-telnet etc..., but from the public network there is only one way, and only I will access it.
That's my suggestion for myself.. :wink: and I never used a graphical tool from the public network.

regards
Hasbullah.com

Hi,

perhaps this post can help:

http://forum.mikrotik.com/t/limit-bogus-ssh-logins-solved-at-least-for-me/10358/1

Regards
Markus
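
A sketch of the behaviour asked for in this thread, built from RouterOS firewall address lists (an added example, not taken from any poster here or from the linked post). The list names, the SSH port 22 and the timeouts are assumptions, and the rules count new connections per source IP rather than failed logins, since the firewall cannot see authentication results.

```routeros
# Added example; list names (ssh_stage1..3, ssh_blacklist), port and timeouts are assumptions.
# Place these rules above any rule in chain=input that accepts SSH.
/ip firewall filter

# 1. Sources already blacklisted are dropped outright.
add chain=input protocol=tcp dst-port=22 src-address-list=ssh_blacklist \
    action=drop comment="drop SSH from blacklisted sources"

# 2. A new connection from a source still on stage3 is the 4th within the
#    window: blacklist that source for 1 hour.
add chain=input protocol=tcp dst-port=22 connection-state=new \
    src-address-list=ssh_stage3 action=add-src-to-address-list \
    address-list=ssh_blacklist address-list-timeout=1h

# 3. 3rd new connection within a minute: promote from stage2 to stage3.
add chain=input protocol=tcp dst-port=22 connection-state=new \
    src-address-list=ssh_stage2 action=add-src-to-address-list \
    address-list=ssh_stage3 address-list-timeout=1m

# 4. 2nd new connection within a minute: promote from stage1 to stage2.
add chain=input protocol=tcp dst-port=22 connection-state=new \
    src-address-list=ssh_stage1 action=add-src-to-address-list \
    address-list=ssh_stage2 address-list-timeout=1m

# 5. 1st new connection: remember the source for one minute.
add chain=input protocol=tcp dst-port=22 connection-state=new \
    action=add-src-to-address-list address-list=ssh_stage1 \
    address-list-timeout=1m
```

The stage rules are listed from highest to lowest so that a single connection advances a source by only one stage; entries expire on their own, so a legitimate administrator who mistypes a password a few times is locked out only until the blacklist timeout runs out.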