  1. #1
    dhimas

    <ask> Someone is trying to get into my MikroTik, help guys, I'm still a newbie

    I'm a complete newbie when it comes to MikroTik.
    Last week I set up an internet cafe and I'm using MikroTik for its bandwidth management.
    My older sibling installed it, but they are out of town right now and hard to reach.

    The MikroTik terminal shows output like this:
    echo: system,error,critical login failure for user root from 122.116.241.189 via ssh

    This goes on continuously; every few minutes that IP tries to log in to the MikroTik over SSH.
    Can anyone help with how to deal with it?
    I'm still a real newbie, boss.

    Many thanks to everyone who helps.

  2. #2
    putra_maiwa
    Originally Posted by dhimas:
        I'm a complete newbie when it comes to MikroTik.
        Last week I set up an internet cafe and I'm using MikroTik for its bandwidth management.
        My older sibling installed it, but they are out of town right now and hard to reach.

        The MikroTik terminal shows output like this:
        echo: system,error,critical login failure for user root from 122.116.241.189 via ssh

        This goes on continuously; every few minutes that IP tries to log in to the MikroTik over SSH.
        Can anyone help with how to deal with it?
        I'm still a real newbie, boss.

        Many thanks to everyone who helps.

    Actually it's fine... what matters is that the status is not connected!
    Rather than worrying, just turn the port off.

    Code:
    # Disable the FTP (port 21) and SSH (port 22) services on the router
    /ip service
    set ftp disabled=yes
    set ssh disabled=yes

  3. #3
    mr.joehan
    Just close the SSH service.

  4. #4
    Xtreme
    Grab the IP that keeps trying to get in, put it in an address-list, then just lock it out... click.

  5. #5
    awanbiru2007
    Originally Posted by Xtreme:
        Grab the IP that keeps trying to get in, put it in an address-list, then just lock it out... click.

    Yep, agreed... just drop the IP from the address list.


  7. #6
    vzouh
    Originally Posted by dhimas:
        I'm a complete newbie when it comes to MikroTik.
        Last week I set up an internet cafe and I'm using MikroTik for its bandwidth management.
        My older sibling installed it, but they are out of town right now and hard to reach.

        The MikroTik terminal shows output like this:
        echo: system,error,critical login failure for user root from 122.116.241.189 via ssh

        This goes on continuously; every few minutes that IP tries to log in to the MikroTik over SSH.
        Can anyone help with how to deal with it?
        I'm still a real newbie, boss.

        Many thanks to everyone who helps.

    Right, as the friends above suggested...
    but if it's disabled, that means we can't use that service...
    and noting down the IPs one by one and entering them into the address-list... so tiring.
    The solution is to build a firewall that automatically captures the IPs that fail and adds them to an address-list; after 3 times they are dropped straight to the blacklist...
    Code:
    # Requires an address list named "admin" that holds the trusted management addresses.
    # add-src-to-address-list does not end rule processing, so the stage rules run
    # from the last stage to the first; in the opposite order a single new
    # connection would be promoted through every stage in one pass.
    /ip firewall filter
    add action=add-src-to-address-list address-list=black_list_ssh address-list-timeout=1d chain=input comment="" connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage3
    add action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage2
    add action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage1
    add action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m chain=input comment="drop ssh" connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list=!admin
    add action=drop chain=input comment="" disabled=no dst-port=22 protocol=tcp src-address-list=black_list_ssh
    100% tested
    For protecting other protocols, feel free to extend it yourself.
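
The staged address-list rules from this post can be modelled to see how rule order and the 1m stage timeout decide when a source ends up in black_list_ssh. This is an added example, not part of the original post and not RouterOS code; it assumes rules are evaluated top to bottom and that a newly added list entry is visible to the following rules for the same packet, and the names FORWARD, REVERSED and attempts_until_drop are hypothetical.

```python
# Added model (not RouterOS code). Assumptions: rules run top to bottom,
# add-src-to-address-list is non-terminating, and a freshly added list
# entry is already visible to the rules that follow in the same pass.
TIMEOUT = {"ssh_stage1": 60, "ssh_stage2": 60, "ssh_stage3": 60,
           "black_list_ssh": 86400}   # seconds: 1m stages, 1d blacklist

def add(requires, target):
    return {"action": "add", "requires": requires, "target": target}

DROP = {"action": "drop", "requires": "black_list_ssh"}
LADDER = [add("!admin", "ssh_stage1"), add("ssh_stage1", "ssh_stage2"),
          add("ssh_stage2", "ssh_stage3"), add("ssh_stage3", "black_list_ssh")]
FORWARD = LADDER + [DROP]            # add rules listed first stage first
REVERSED = LADDER[::-1] + [DROP]     # add rules listed last stage first

def in_list(lists, name, src, now):
    return lists.get(name, {}).get(src, -1) > now   # entry not yet expired

def matches(rule, lists, src, now):
    req = rule["requires"]
    if req.startswith("!"):
        return not in_list(lists, req[1:], src, now)
    return in_list(lists, req, src, now)

def new_connection(rules, lists, src, now):
    """Pass one new TCP/22 connection through the chain."""
    for rule in rules:
        if not matches(rule, lists, src, now):
            continue
        if rule["action"] == "drop":
            return "drop"
        target = rule["target"]
        lists.setdefault(target, {})[src] = now + TIMEOUT[target]
    return "accept"

def attempts_until_drop(rules, src, gap_seconds, admin=(), tries=10):
    """1-based number of the first dropped connection, or None."""
    lists = {"admin": {a: float("inf") for a in admin}}
    for n in range(1, tries + 1):
        if new_connection(rules, lists, src, (n - 1) * gap_seconds) == "drop":
            return n
    return None

if __name__ == "__main__":
    src = "203.0.113.5"   # constructed documentation address
    print("forward, 10s gap :", attempts_until_drop(FORWARD, src, 10))
    print("reversed, 10s gap:", attempts_until_drop(REVERSED, src, 10))
    print("reversed, 3m gap :", attempts_until_drop(REVERSED, src, 180))
    print("admin, 10s gap   :", attempts_until_drop(REVERSED, src, 10, admin=[src]))
```

In this model a source that retries less often than once a minute never gets past ssh_stage1, so for a log like the one in the first post (one attempt every few minutes) the stage timeouts need to be longer than the retry interval.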


  9. #7
    Xtreme
    Originally Posted by vzouh:
        Right, as the friends above suggested...
        but if it's disabled, that means we can't use that service...
        and noting down the IPs one by one and entering them into the address-list... so tiring.
        The solution is to build a firewall that automatically captures the IPs that fail and adds them to an address-list; after 3 times they are dropped straight to the blacklist...
        Code:
        # Requires an address list named "admin" that holds the trusted management addresses.
        # add-src-to-address-list does not end rule processing, so the stage rules run
        # from the last stage to the first; in the opposite order a single new
        # connection would be promoted through every stage in one pass.
        /ip firewall filter
        add action=add-src-to-address-list address-list=black_list_ssh address-list-timeout=1d chain=input comment="" connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage3
        add action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage2
        add action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage1
        add action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m chain=input comment="drop ssh" connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list=!admin
        add action=drop chain=input comment="" disabled=no dst-port=22 protocol=tcp src-address-list=black_list_ssh
        100% tested
        For protecting other protocols, feel free to extend it yourself.

    Great... but that only detects the SSH port.

  10. #8
    budakbaheula
    Let me try sharing too,

    Code:
    /ip firewall filter
    # Record every source that opens FTP, SSH or Telnet to the router
    add action=add-src-to-address-list address-list=Drop-Ftp-Tel-Ssh \
        address-list-timeout=0s chain=input comment=Drop-Ftp disabled=no \
        dst-port=21,22,23 protocol=tcp
    # Then drop all traffic to those ports, whoever sends it
    add action=drop chain=input comment="" disabled=no dst-port=21,22,23 \
        protocol=tcp
    With a charm like the one above, besides dropping whoever tries to get into our router through the ports written above, we can also see which IPs tried to get into our router; just look in ip-fire-addreslist...
    Last edited by budakbaheula; 26-05-2010 at 22:52.

  11. #9
    c0nf
    Originally Posted by Xtreme:
        Great... but that only detects the SSH port.

    Other ports work too, bro,
    just modify it a little.
    Code:
    # Requires an address list named "admin" that holds the trusted management addresses.
    # add-src-to-address-list does not end rule processing, so the stage rules run
    # from the last stage to the first; in the opposite order a single new
    # connection would be promoted through every stage in one pass.
    /ip firewall filter
    add action=add-src-to-address-list address-list=black_list_ssh address-list-timeout=1d chain=input comment="" connection-state=new disabled=no dst-port=22,23 protocol=tcp src-address-list=ssh_stage3
    add action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22,23 protocol=tcp src-address-list=ssh_stage2
    add action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22,23 protocol=tcp src-address-list=ssh_stage1
    add action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m chain=input comment="drop ssh" connection-state=new disabled=no dst-port=22,23 protocol=tcp src-address-list=!admin
    add action=drop chain=input comment="" disabled=no dst-port=22,23 protocol=tcp src-address-list=black_list_ssh
    Oh, and after installing this, don't forget or mistype your password (personal experience, sob)

  12. #10
    vzouh
    Originally Posted by c0nf:
        Other ports work too, bro,
        just modify it a little.
        Code:
        # Requires an address list named "admin" that holds the trusted management addresses.
        # add-src-to-address-list does not end rule processing, so the stage rules run
        # from the last stage to the first; in the opposite order a single new
        # connection would be promoted through every stage in one pass.
        /ip firewall filter
        add action=add-src-to-address-list address-list=black_list_ssh address-list-timeout=1d chain=input comment="" connection-state=new disabled=no dst-port=22,23 protocol=tcp src-address-list=ssh_stage3
        add action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22,23 protocol=tcp src-address-list=ssh_stage2
        add action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22,23 protocol=tcp src-address-list=ssh_stage1
        add action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m chain=input comment="drop ssh" connection-state=new disabled=no dst-port=22,23 protocol=tcp src-address-list=!admin
        add action=drop chain=input comment="" disabled=no dst-port=22,23 protocol=tcp src-address-list=black_list_ssh
        Oh, and after installing this, don't forget or mistype your password (personal experience, sob)

    There is a safeguard, boss... take a look at the first rule...

 

 
