Bruteforce login prevention

From MikroTik Wiki
Revision as of 15:03, 18 July 2007 by Janisk (talk | contribs) (New page: Stops people trying to bruteforce SSH login / ip firewall filter add chain=input protocol=tcp dst-port=22 src-address-list=black_list action=drop \ comment="drop ssh brute forcers" ...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Stops people trying to bruteforce SSH login


/ ip firewall filter add chain=input protocol=tcp dst-port=22 src-address-list=black_list action=drop \

    comment="drop ssh brute forcers" disabled=no

add chain=input protocol=tcp dst-port=22 connection-state=new \

    src-address-list=ssh_stage3 action=add-src-to-address-list address-list=black_list address-list-timeout=1d \
    comment="" disabled=no

add chain=input protocol=tcp dst-port=22 connection-state=new \

    src-address-list=ssh_stage2 action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m \
    comment="" disabled=no

add chain=input protocol=tcp dst-port=22 connection-state=new \

    src-address-list=ssh_stage1 action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m \
    comment="" disabled=no

add chain=input protocol=tcp dst-port=22 connection-state=new \

    action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m comment="" \
    disabled=no


by omega-00 (forum user)