Mikrotik : Blokir IP yang mencoba Login ke Mikrotik


CODE
/ ip firewall filter
add chain=input in-interface=ether1 protocol=tcp dst-port=22 src-address-list=ftp_blacklist action=drop

# accept 10 incorrect logins per minute
/ ip firewall filter
add chain=output action=accept protocol=tcp content=”530 Login incorrect” dst-limit=1/1m,9,dst-address/1m

#add to blacklist
add chain=output action=add-dst-to-address-list protocol=tcp content=”530 Login incorrect” address-list=blacklist address-list-timeout=23h

Maksud dari kode diatas adalah jika dalam 1 menit berusaha 10 kali login ( dst-limit=1/1m,9 di login nya yg kesepuluh masuk daftar hitam dan dibanned selama 23jam, address-list=blacklist address-list-timeout=23h).

untuk memberi range port edit bagian

CODE
/ ip firewall filter
add chain=input in-interface=ether1 protocol=tcp dst-port=22 src-address-list=ftp_blacklist action=drop

menjadi

CODE

/ ip firewall filter
add chain=input in-interface=ether1 protocol=tcp dst-port=21-23 src-address-list=ftp_blacklist action=drop

isi sesuai port yang anda aplikasikan pada settingan router anda, port di atas berlaku untuk settingan standart ftp, ssh dan telnet.

permalink

One Comment to “Mikrotik : Blokir IP yang mencoba Login ke Mikrotik”

  1. kalo setting dari winbox bisa ga gan, trs bisa kasih tutorial nya ga … terimakasih

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: