Community discussions

 
zagor
just joined
Topic Author
Posts: 1
Joined: Wed Oct 22, 2014 11:02 pm

pptp vpn protection

Wed Oct 22, 2014 11:33 pm

hi

im begginer with networking, and for some time i would like to protect pptp vpn server on my router from brute force attacks
after several attempts i didnt find any solution on net, so i decide to write my own (actually i use some examples for different brute force prevention and make my own)

here it is (just a part for pptp):
/ip firewall filter
add action=drop chain=input comment="pptp brute force drop 1/4 - complete comunication DROP" disabled=no \
src-address-list=pptp_blacklist_DROP
add action=add-dst-to-address-list address-list=pptp_blacklist_DROP address-list-timeout=10m chain=output comment="pptp brute force drop 2/4" \
content="bad username or password" disabled=no dst-address-list=pptp_blacklist_stage_2 protocol=gre
add action=add-dst-to-address-list address-list=pptp_blacklist_stage_2 address-list-timeout=1m chain=output comment="pptp brute force drop 3/4" \
content="bad username or password" disabled=no dst-address-list=pptp_blacklist_stage_1 protocol=gre
add action=add-dst-to-address-list address-list=pptp_blacklist_stage_1 address-list-timeout=1m chain=output comment="pptp brute force drop 4/4" \
content="bad username or password" disabled=no protocol=gre

for beginers like me, these rules go up in firewall rules, and on 1st try to establish pptp vpn connection with wrong username or password , stage_1 list is created , on second try stage_2 is created, and on 3rd time final list is created from which all communication from 'attacker' ip address is dropped, no more try's, final list will expire in 10 minutes, so after 10 minutes attacker is ready to try to break in again

this is 'working' version of my rules, final list timeouts will be longer later. pptp vpn is mandatory for me because of unexpirienced users
i would like to hear what expirienced mikrotik users have to say, is it bad or it make sense to protect pptp vpn this way

thank you for your comments
 
drdedus
just joined
Posts: 14
Joined: Thu Mar 17, 2016 6:24 pm

Re: pptp vpn protection

Sun Mar 20, 2016 11:32 pm

i am interesting to secure my pptp server.
does your rules working well in the latest versions?

Who is online

Users browsing this forum: No registered users and 24 guests