Hi
Any one have filter rule to protect server from hacker in outside please write your rule here.
Security rule
No answer
-
Disable unused services from your MT device.
-
Add firewall rules to stop port scanning.
-
That it.
I like the following approach:
- place the server on a private IP
- using destination nat forward only the services you need to be accessible from the WAN
- use masquerade for outgoing server connections
- drop every other forward from the outside to the server
Router = server?
If so Wiki have some examples http://wiki.mikrotik.com/wiki/Firewall
If server is server behind router and providing some services to outside then we need more information.
Thank you
In your number
1 you mean go, ip,services
And disable for example ssh, telnet, spi, www ssl
And only able
Www, winbox
…
In your number 2 can you show me in picture what you meaning?
Thank you
Can you upload picture for
drop every other forward from the outside to the server
How can do this?
Thank you
I will see the website soon
About that firewall port scanning rules in MT.
I Saw few posts from the past year and people did notice that none of those tutorials describing rule examples works.
And I checked few of them for example this one http://wiki.mikrotik.com/wiki/Drop_port_scanners(because is more complicate 
) and it doesn’t work either.
So how to build good rule ?