/ip firewall filter
# drop FTP connections (port 21) from blacklisted addresses; the list name must match the one filled below
add chain=input in-interface=ether1 protocol=tcp dst-port=21 src-address-list=blacklist action=drop
# accept 10 incorrect logins per minute
add chain=output action=accept protocol=tcp content="530 Login incorrect" dst-limit=1/1m,9,dst-address/1m
# add to blacklist
add chain=output action=add-dst-to-address-list protocol=tcp content="530 Login incorrect" address-list=blacklist address-list-timeout=23h

The code above means: if someone tries to log in 10 times within 1 minute (dst-limit=1/1m,9), then on the tenth login the address is put on the blacklist and banned for 23 hours (address-list=blacklist address-list-timeout=23h).

Well, hopefully this script gives us some peace of mind when someone attempts to brute-force passwords on our beloved MikroTik.
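
The interplay of the three rules can be checked with a small simulation. This is an added example, not part of the original post and not RouterOS code: it assumes a simplified token-bucket model of dst-limit (the exact packet accounting in RouterOS is an assumption), and the client addresses and the `Router` class are constructed for illustration.

```python
from dataclasses import dataclass, field

# Values taken from the rules on this page.
BURST = 9                 # dst-limit=1/1m,9,...  (burst)
RATE_PER_SEC = 1 / 60     # dst-limit=1/1m        (one match per minute)
EXPIRE = 60               # dst-address/1m        (idle entry lifetime)
BAN = 23 * 3600           # address-list-timeout=23h

@dataclass
class Router:
    buckets: dict = field(default_factory=dict)    # client -> (tokens, last_seen)
    blacklist: dict = field(default_factory=dict)  # client -> ban expiry time

    def failed_login_reply(self, client, now):
        """Handle one outgoing '530 Login incorrect' reply to client at time now (seconds)."""
        tokens, last = self.buckets.get(client, (BURST, now))
        if now - last >= EXPIRE:          # assumed: idle entry expired, bucket is full again
            tokens = BURST
        else:
            tokens = min(BURST, tokens + (now - last) * RATE_PER_SEC)
        if tokens >= 1:                   # accept rule: dst-limit still matches
            self.buckets[client] = (tokens - 1, now)
            return "accept"
        self.buckets[client] = (tokens, now)
        self.blacklist[client] = now + BAN  # add-dst-to-address-list rule
        return "blacklist"

    def is_dropped(self, client, now):
        """Drop rule: new connections from a still-listed source address are dropped."""
        return self.blacklist.get(client, 0) > now

def first_blacklisted_attempt(times, client="198.51.100.7"):
    """Return the 1-based index of the failed login that gets the client listed, or None."""
    router = Router()
    for n, t in enumerate(times, start=1):
        if router.failed_login_reply(client, t) == "blacklist":
            return n
    return None

if __name__ == "__main__":
    print(first_blacklisted_attempt([i * 2 for i in range(12)]))  # rapid failures
    print(first_blacklisted_attempt([0, 10, 20]))                 # a few typos
```

Under this model a run of failures two seconds apart is listed on the tenth reply, while a user who mistypes a password a few times is never listed.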