Drop port scanners

From MikroTik Wiki
Revision as of 23:59, 15 November 2005 by Paulhoff (talk | contribs)
Jump to: navigation, search

To protect the Router from port scaners, we can record the IPs of hackers who try to scan your box. Using this address list we can drop connection from those IP

in /ip firewall filter 

add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list="port scaners" 
address-list-timeout=2w comment="Port scaners to list " disabled=no

Then you can drop those IPs: 

add chain=input src-address-list="port scaners" action=drop comment="droping port scaners" disabled=no
Retrieved from "https://wiki.mikrotik.com/index.php?title=Drop_port_scanners&oldid=244"