MIKROTIK routerOS

MIKROTIK routerOS
» » Cara Block SSH FTP Brute Force MikroTik

Cara Block SSH FTP Brute Force MikroTik

Cara Block SSH FTP Brute Force MikroTik


Block SSH FTP Brute Force MikroTik, tehnik setting mikrotik bwt block SSH FTP Brute Force. Apaan tuh gan ? itu kyk ada yg coba untuk masuk / menebak username password mikrotik agan. Dia nyoba secara ngacak buat nemuin username password mikrotik agan, biasanya target username yg biasanya dipake ngasal kyk username: admin password:123456.
Gimana cara liat or taunya gan ? liat gambar Log mikrotik di bawah :
block+ssh+brute+force+mikrotik Cara Block SSH FTP Brute Force MikroTik
Itu indikasi bahwa ada yg mao coba2 login pake username ngacak via SSH mikrotik agan. Biasanya kejadian gini kalo router mikrotik agan punya IP Public / di cloud internet.

Cara Block Brute Force di MikroTik

Langsung hajar gan pake setting setting firewall mikrotik mikrotik ni :
/ip firewall filter
add action=drop chain=input comment="drop ftp brute forcers" dst-port=21 
    protocol=tcp src-address-list=ftp_blacklist
add chain=output content="530 Login incorrect" dst-limit=1/1m,9,dst-address/1m 
    protocol=tcp
add action=add-dst-to-address-list address-list=ftp_blacklist 
    address-list-timeout=3h chain=output content="530 Login incorrect" protocol=
    tcp
add action=drop chain=input comment="drop ssh brute forcers" dst-port=22 
    protocol=tcp src-address-list=ssh_blacklist
add action=add-src-to-address-list address-list=ssh_blacklist 
    address-list-timeout=1w3d chain=input connection-state=new dst-port=22 
    protocol=tcp src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=
    1m chain=input connection-state=new dst-port=22 protocol=tcp 
    src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=
    1m chain=input connection-state=new dst-port=22 protocol=tcp 
    src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=
    1m chain=input connection-state=new dst-port=22 protocol=tcp
Dijelasin dikit yak pake bahasa ane ^_^
Buat yg coba hack via FTP bruteforce, setting mikrotik ini nangkep by IP yang 10x salah login / FTP login incorrect per menit. IP yg ketangkep dimasukin di address-list=ftp_blacklist dan semuanya akan di drop.
Yg coba hack via SSH bruteforce, setting mikrotik ini nangkep IP yang coba login dan salah terus. IP yg ketangkep dimasukin di address-list=ssh_blacklist dan semuanya akan di drop.

Contoh IP-IP nakal yang busted ! 39 IP (o_o)
block+ssh+brute+force+mikrotik+2 Cara Block SSH FTP Brute Force MikroTik



share this article to: Facebook Twitter Google+ Linkedin Technorati Digg
Posted by Unknown, Published at 08.37 and have 0 komentar

Tidak ada komentar:

Posting Komentar