»» SolidTrustPay Wajib Bagi Anda Pebisnis Online ««


»» SolidTrustPay must for your online business ««

▬▬▬▬▬▬▬▬▬ஜ۩۞۩ஜ▬▬▬▬▬▬▬▬▬▬
»» WELCOME to DOFOLLOW BLOGs "17 January 2012"««
»» Computer & Software Technology Sharing Information««
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ஜ۩۞۩ஜ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
  • Block IP yang berusaha login (FTP&SSH)

    Males ngeliat log di mikrotik banyak yang berusaha login dengan sembarang username dari IP yg ngga dikenal? Nie coba deh, tak jamin bakalan seambrek IP2 yang iseng masuk address-list

    Buat ngedrop yang coba login ke FTP mikrotik loe (10 kali gagal dlm 1 menit, masuk deh address-list)


    /ip firewall filter
    add chain=input protocol=tcp dst-port=21 src-address-list=ftp_blacklist action=drop

    add chain=output action=accept protocol=tcp content="530 Login incorrect" dst-limit=1/1m,9,dst-address/1m

    add chain=output action=add-dst-to-address-list protocol=tcp content="530 Login incorrect" \ address-list=ftp_blacklist address-list-timeout=3h

    Kalo nyang nie buat ngeblock yang coba2 login ke SSH mikrotik loe, IPnye nongkrong 10 hari di address-list

    in /ip firewall filter

    add chain=input protocol=tcp dst-port=22 src-address-list=ssh_blacklist action=drop \ comment="drop ssh brute forcers" disabled=no

    add chain=input protocol=tcp dst-port=22 connection-state=new \ src-address-list=ssh_stage3 action=add-src-to-address-list address-list=ssh_blacklist \ address-list-timeout=10d comment="" disabled=no

    add chain=input protocol=tcp dst-port=22 connection-state=new \ src-address-list=ssh_stage2 action=add-src-to-address-list address-list=ssh_stage3 \ address-list-timeout=1m comment="" disabled=no

    add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage1 \ action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m comment="" disabled=no

    add chain=input protocol=tcp dst-port=22 connection-state=new action=add-src-to-address-list \ address-list=ssh_stage1 address-list-timeout=1m comment="" disabled=no
    Sumber : http://wiki.mikrotik.com

0 komentar:

Penting Menurut Anda ? Bantu Sebarkan ...
  • Share
  • [i]
Warning :
This articles is the property of http://www.tambelanblog.com
Copying and publishing any articles from our site to your websites is strictly NOT allowed


Protected by Copyscape Online Plagiarism Check

#################################################


.::Latest Comments

Recent Comments Widget

.::Search On This Blog

.::About us : Do Follow Blog !!

TambelanBlog, Care to Shared Do Follow Blog

.::Media

.::Translate This Page

Arabic Korean Japanese Chinese Simplified Russian Portuguese
English French German Spain Italian Dutch

.::Subscribe Now For Free

Our Readers

Your email here

Received Update for FREE:

Delivered by FeedBurner

.::Be My Circles

.::Popular Post by Readers

.::Follower to be Followed!

.::First Class Exchange Link!