Where is that located in the interface?
From: wireless-boun...@wispa.org [mailto:wireless-boun...@wispa.org] On Behalf Of Greg Ihnen Sent: Saturday, October 02, 2010 9:08 AM To: WISPA General List Subject: Re: [WISPA] Brute Force Attack on Mikrotik Gateway That script should be the MT default when one checks the "protect router" check box in the web UI. Greg On Oct 2, 2010, at 8:33 AM, Robert West wrote: Checked the logs this morning and guess who was back at it.... Was trying to do a brute force attack from yet another IP but that script from Butch swatted him like a fly. Worked like a charm! Thanks to both you and Butch, he be gone. Bob- From: wireless-boun...@wispa.org [mailto:wireless-boun...@wispa.org] On Behalf Of Josh Luthman Sent: Friday, October 01, 2010 10:38 PM To: WISPA General List Subject: Re: [WISPA] Brute Force Attack on Mikrotik Gateway Compliments of Butch Evans /ip firewal filt add action=accept chain=forward comment="drop ssh brute forcers" disabled=\ no dst-port=22 protocol=tcp src-address-list=ssh_blacklist add action=add-src-to-address-list address-list=ssh_blacklist \ address-list-timeout=1w3d chain=forward comment="" connection-state=new \ disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage3 add action=add-src-to-address-list address-list=ssh_stage3 \ address-list-timeout=1m chain=forward comment="" connection-state=new \ disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage2 add action=add-src-to-address-list address-list=ssh_stage2 \ address-list-timeout=1m chain=forward comment="" connection-state=new \ disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage1 add action=add-src-to-address-list address-list=ssh_stage1 \ address-list-timeout=1m chain=forward comment="" connection-state=new \ disabled=no dst-port=22 protocol=tcp src-address-list=!heavysshservers Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Oct 1, 2010 at 10:28 PM, Robert West <robert.w...@just-micro.com> wrote: Then we'll just send the pigeons over to poop on them. Easy. From: wireless-boun...@wispa.org [mailto:wireless-boun...@wispa.org] On Behalf Of RickG Sent: Friday, October 01, 2010 9:29 PM To: Tom Sharples; WISPA General List Subject: Re: [WISPA] Brute Force Attack on Mikrotik Gateway I like it but what if the ip is being masqueraded? On Fri, Oct 1, 2010 at 7:00 PM, Tom Sharples <tsharp...@qorvus.com> wrote: I've often wondered, is it legal for the receipient of this sort of thing, to retailiate with e.g. ping or curl storms? Tom S. ----- Original Message ----- From: Robert West <mailto:robert.w...@just-micro.com> To: 'WISPA General List' <mailto:wireless@wispa.org> Sent: Friday, October 01, 2010 2:57 PM Subject: [WISPA] Brute Force Attack on Mikrotik Gateway Just had to deal with a brute force attack on a MT router acting as a gateway. Came from these two IP addresses.. 59.42.10.38 61.155.5.247 Looked them up, they turn out to be pretty common for this sort of thing. Added a firewall rule to drop them and they are no longer filling my log. Some may want to do the same for these jokers. Robert West Just Micro Digital Services Inc. 740-335-7020 <image001.gif> _____ ---------------------------------------------------------------------------- ---- WISPA Wants You! Join today! http://signup.wispa.org/ ---------------------------------------------------------------------------- ---- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ ---------------------------------------------------------------------------- ---- WISPA Wants You! Join today! http://signup.wispa.org/ ---------------------------------------------------------------------------- ---- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ ---------------------------------------------------------------------------- ---- WISPA Wants You! Join today! http://signup.wispa.org/ ---------------------------------------------------------------------------- ---- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ ---------------------------------------------------------------------------- ---- WISPA Wants You! Join today! http://signup.wispa.org/ ---------------------------------------------------------------------------- ---- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
-------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/