Hello there dear community
So after days of configuring my RB2011UiAS-2HnD-IN, everything is set up.
So: Modem (bridge mode) —> Router (PPPoE), WLAN, DynDNS
Today when I logged in into WinBox in Logs I spotted this:
I checked IPs, they are from China I suppose.
Is this attempt to bruteforce root password via SSH?
What should I do? This is going for at least 6-12 hours.
Can someone check my security settings?
My IP is dynamic but we are using DynDNS.
Do not use common user names first. Then put the source ip to blacklist and drop the inbound. Search the forum before writing. This topic is manytimes here…
Do you use ssh? If not, IP - Services - Disable ssh
No, I do not use SSH and I already disabled it. Also, I do not use common names in login and/or password.
For the time being I’ll just drop the inbound.
Thank you for tips.
some simple tips here http://wiki.mikrotik.com/wiki/Bruteforce_login_prevention