Good Evening Everyone
I have just implemented the rules found here:
http://wiki.mikrotik.com/wiki/Drop_port_scanners
I then used nmap to do a full scan of my ports from an outside network and sadly I was able to scan everything. All of the rules were easy to add except for the first one:
add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="Port scanners to list " disabled=no
For some reason the terminal didn't like the comment being before the disabled = no entry so I switched it around and it took the rule fine.
However, the most important part is that this isn't working at all. I am able to easily scan all ports using a SYN stealth scan.
Any assistance would be greatly appreciated.