Community discussions

MikroTik App
 
marcodor
just joined
Topic Author
Posts: 12
Joined: Tue Jan 25, 2011 8:44 pm

Feature Request: SSH Brute Force Protection

Thu Apr 24, 2014 5:32 pm

Recently I discovered in MT logs a lot of "login failure" entries from the same IP via SSH service.
Even "hacker" successfully tried 4-5 passwords per seconds, quite impressive.
Usually, Linux servers artificially freeze for an exponential time after 2-3 login failures from the same source for frequent retries.
Can this kind of protection be implemented in Router OS?
Thanks in advice!
 
jarda
Forum Guru
Forum Guru
Posts: 7603
Joined: Mon Oct 22, 2012 4:46 pm

Re: Feature Request: SSH Brute Force Protection

Thu Apr 24, 2014 5:45 pm

Successfully? Hope not...
 
User avatar
tomaskir
Trainer
Trainer
Posts: 1124
Joined: Sat Sep 24, 2011 2:32 pm
Location: Slovakia

Re: Feature Request: SSH Brute Force Protection

Thu Apr 24, 2014 5:48 pm

3 words: "Use the firewall"

Setup proper input chain filtering, and you will be safe.
Its not just SSH you should be worried about, DNS amplification attack will hit you much more seriously for example.
Unimus - configuration management, automation and backup solution
Mass Config Push, network-wide RouterOS upgrades, and more!
 
marcodor
just joined
Topic Author
Posts: 12
Joined: Tue Jan 25, 2011 8:44 pm

Re: Feature Request: SSH Brute Force Protection

Thu Apr 24, 2014 6:11 pm

"Use the firewall"
Good idea, but anyway, i think it's useful to have such feature implemented into ssh protocol.
What if I want to leave it open to any public ip, but protected of such brute attacks.
Even DBMS have such feature integrated, or almost every OS even they also have firewall feature.
 
Thalid
newbie
Posts: 38
Joined: Sun Mar 31, 2013 11:33 pm

Re: Feature Request: SSH Brute Force Protection

Thu Apr 24, 2014 6:28 pm

Who is online

Users browsing this forum: No registered users and 71 guests