It doesn't answer anything. You can't configure anything. It screws up what you have set. Hate it. I would like to see an html copy of winbox, but that's a dream. On Oct 2, 2010 12:33 PM, "Robert West" <robert.w...@just-micro.com> wrote: > Ah.. I always use Winbox. Tried Webbox a few times when I "had to" but > wasn't comfortable with it at all. > > > > > > > > From: wireless-boun...@wispa.org [mailto:wireless-boun...@wispa.org] On > Behalf Of Josh Luthman > Sent: Saturday, October 02, 2010 11:18 AM > To: WISPA General List > Subject: Re: [WISPA] Brute Force Attack on Mikrotik Gateway > > > > The MT webbox causes cancer it is so terrible. > > On Oct 2, 2010 9:08 AM, "Greg Ihnen" <os10ru...@gmail.com> wrote: >> That script should be the MT default when one checks the "protect router" > check box in the web UI. >> >> Greg >> >> On Oct 2, 2010, at 8:33 AM, Robert West wrote: >> >>> Checked the logs this morning and guess who was back at it.... Was trying > to do a brute force attack from yet another IP but that script from Butch > swatted him like a fly. Worked like a charm! >>> >>> Thanks to both you and Butch, he be gone. >>> >>> Bob- >>> >>> From: wireless-boun...@wispa.org [mailto:wireless-boun...@wispa.org] On > Behalf Of Josh Luthman >>> Sent: Friday, October 01, 2010 10:38 PM >>> To: WISPA General List >>> Subject: Re: [WISPA] Brute Force Attack on Mikrotik Gateway >>> >>> Compliments of Butch Evans >>> >>> /ip firewal filt >>> add action=accept chain=forward comment="drop ssh brute forcers" > disabled=\ >>> no dst-port=22 protocol=tcp src-address-list=ssh_blacklist >>> add action=add-src-to-address-list address-list=ssh_blacklist \ >>> address-list-timeout=1w3d chain=forward comment="" connection-state=new \ >>> disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage3 >>> add action=add-src-to-address-list address-list=ssh_stage3 \ >>> address-list-timeout=1m chain=forward comment="" connection-state=new \ >>> disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage2 >>> add action=add-src-to-address-list address-list=ssh_stage2 \ >>> address-list-timeout=1m chain=forward comment="" connection-state=new \ >>> disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage1 >>> add action=add-src-to-address-list address-list=ssh_stage1 \ >>> address-list-timeout=1m chain=forward comment="" connection-state=new \ >>> disabled=no dst-port=22 protocol=tcp src-address-list=!heavysshservers >>> >>> Josh Luthman >>> Office: 937-552-2340 >>> Direct: 937-552-2343 >>> 1100 Wayne St >>> Suite 1337 >>> Troy, OH 45373 >>> >>> >>> On Fri, Oct 1, 2010 at 10:28 PM, Robert West <robert.w...@just-micro.com > > wrote: >>> Then we'll just send the pigeons over to poop on them. >>> >>> Easy. >>> >>> >>> >>> From: wireless-boun...@wispa.org [mailto:wireless-boun...@wispa.org] On > Behalf Of RickG >>> Sent: Friday, October 01, 2010 9:29 PM >>> To: Tom Sharples; WISPA General List >>> Subject: Re: [WISPA] Brute Force Attack on Mikrotik Gateway >>> >>> I like it but what if the ip is being masqueraded? >>> >>> On Fri, Oct 1, 2010 at 7:00 PM, Tom Sharples <tsharp...@qorvus.com> > wrote: >>> I've often wondered, is it legal for the receipient of this sort of > thing, to retailiate with e.g. ping or curl storms? >>> >>> Tom S. >>> >>> >>> ----- Original Message ----- >>> From: Robert West >>> To: 'WISPA General List' >>> Sent: Friday, October 01, 2010 2:57 PM >>> Subject: [WISPA] Brute Force Attack on Mikrotik Gateway >>> >>> Just had to deal with a brute force attack on a MT router acting as a > gateway. >>> >>> Came from these two IP addresses.. >>> >>> 59.42.10.38 >>> >>> 61.155.5.247 >>> >>> Looked them up, they turn out to be pretty common for this sort of thing. > Added a firewall rule to drop them and they are no longer filling my log. >>> >>> Some may want to do the same for these jokers. >>> >>> Robert West >>> Just Micro Digital Services Inc. >>> 740-335-7020 >>> >>> <image001.gif> >>> >>> >>> >>> > ---------------------------------------------------------------------------- > ---- >>> WISPA Wants You! Join today! >>> http://signup.wispa.org/ >>> > ---------------------------------------------------------------------------- > ---- >>> >>> WISPA Wireless List: wireless@wispa.org >>> >>> Subscribe/Unsubscribe: >>> http://lists.wispa.org/mailman/listinfo/wireless >>> >>> Archives: http://lists.wispa.org/pipermail/wireless/ >>> >>> >>> >>> > ---------------------------------------------------------------------------- > ---- >>> WISPA Wants You! Join today! >>> http://signup.wispa.org/ >>> > ---------------------------------------------------------------------------- > ---- >>> >>> WISPA Wireless List: wireless@wispa.org >>> >>> Subscribe/Unsubscribe: >>> http://lists.wispa.org/mailman/listinfo/wireless >>> >>> Archives: http://lists.wispa.org/pipermail/wireless/ >>> >>> >>> >>> >>> > ---------------------------------------------------------------------------- > ---- >>> WISPA Wants You! Join today! >>> http://signup.wispa.org/ >>> > ---------------------------------------------------------------------------- > ---- >>> >>> WISPA Wireless List: wireless@wispa.org >>> >>> Subscribe/Unsubscribe: >>> http://lists.wispa.org/mailman/listinfo/wireless >>> >>> Archives: http://lists.wispa.org/pipermail/wireless/ >>> >>> >>> >>> > ---------------------------------------------------------------------------- > ---- >>> WISPA Wants You! Join today! >>> http://signup.wispa.org/ >>> > ---------------------------------------------------------------------------- > ---- >>> >>> WISPA Wireless List: wireless@wispa.org >>> >>> Subscribe/Unsubscribe: >>> http://lists.wispa.org/mailman/listinfo/wireless >>> >>> Archives: http://lists.wispa.org/pipermail/wireless/ >> >
-------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
