Community discussions

MikroTik App
Member Candidate
Member Candidate
Topic Author
Posts: 138
Joined: Wed Mar 02, 2005 10:03 pm


Fri Mar 03, 2006 11:34 pm

How can I stop all of these: login failure for user xxx from via ssh
via ftp
User avatar
Posts: 296
Joined: Mon Oct 31, 2005 2:44 am
Location: Germany

Fri Mar 03, 2006 11:45 pm

Very simple.
In IP > Firewall set up a new rule (input chain) that will accept traffic on port 22 (ssh) for your IP`s from which you want to connect to the router by ssh, and drop the rest of the traffic on this port. Do the same for port 21 (ftp).
Or, if you have only one network from which you want to access to your router, you can set this up in IP > Services.
If you do not want to use ssh or ftp at all, disable those services at the same place.
User avatar
Forum Veteran
Forum Veteran
Posts: 702
Joined: Fri May 28, 2004 9:05 pm
Location: Norfolk, UK

Fri Mar 03, 2006 11:51 pm

User avatar
Posts: 378
Joined: Thu Jul 01, 2004 12:32 pm
Location: Cologne, NRW, Germany

Sat Mar 04, 2006 9:51 am

how about simply entering an IP-address-range into /ip service ssh?

(but ususally it's coming from internet, plus i don't like changing WKS-ports. has anyone written a rule to make a temporary blocking address-list for this kind of attack and likes to share it? tia.)

Who is online

Users browsing this forum: DavieDavieDavie, Dwarfer, eworm, exit174, fleg, Google [Bot], kd2pm2, kx002, Nevon, sindy and 175 guests