Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 10 of 10
  1. #1
    Status
    Offline
    thepekopon's Avatar
    Baru Gabung
    Join Date
    Aug 2010
    Posts
    9
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Server Mikrotik Ane diserang dari WAN

    gan, server mikrotik ane diserang dengan bruce attack dari wan melalui WAN

    ne gan screenshotnya



    Mohon pendapat dan solusinya gan... Click here to enlarge

  2. #2
    Status
    Offline
    kweteng's Avatar
    VIP Member
    Join Date
    Nov 2009
    Location
    batu wae
    Posts
    797
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Code:
     /ip service set ssh port=222

  3. The Following 2 Users Say Thank You to kweteng For This Useful Post:


  4. #3
    Status
    Offline
    thepekopon's Avatar
    Baru Gabung
    Join Date
    Aug 2010
    Posts
    9
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by kweteng Click here to enlarge
    Code:
     /ip service set ssh port=222
    wahh.. manteb gann solusinya.. makasih Click here to enlarge

    Click here to enlarge

  5. The Following User Says Thank You to thepekopon For This Useful Post:


  6. #4
    Status
    Offline
    adiputrolds's Avatar
    Forum Guru
    Join Date
    Oct 2008
    Posts
    1,485
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    mendingan ssh service allow dari Local Network aja
    hanya winbox yang dari 0.0.0.0/0

  7. The Following 2 Users Say Thank You to adiputrolds For This Useful Post:


  8. #5
    Status
    Offline
    adh1et's Avatar
    Member Senior
    Join Date
    Jul 2010
    Posts
    341
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    udah coba gini gan? CMIIW

    /ip firewall address-list
    add address=192.168.1.0/24 comment="local addresses" disabled=no list=\
    local-addr

    /ip fi fi
    add action=add-src-to-address-list address-list=WARN-FTP \
    address-list-timeout=1d chain=input comment=FTP disabled=no dst-port=21 \
    protocol=tcp src-address-list=!local-addr
    add action=drop chain=input comment="" disabled=no dst-port=21 protocol=tcp \
    src-address-list=WARN-FTP
    add action=accept chain=input comment="" disabled=no dst-port=21 protocol=tcp \
    src-address-list=local-addr
    add action=add-src-to-address-list address-list=WARN-SSH \
    address-list-timeout=1d chain=input comment=SSH disabled=no dst-port=22 \
    protocol=tcp src-address-list=!local-addr
    add action=drop chain=input comment="" disabled=no dst-port=22 protocol=tcp \
    src-address-list=WARN-SSH
    add action=accept chain=input comment="" disabled=no dst-port=22 protocol=tcp \
    src-address-list=local-addr
    add action=add-src-to-address-list address-list=WARN-TELNET \
    address-list-timeout=1d chain=input comment=TELNET disabled=no dst-port=\
    23 protocol=tcp src-address-list=!local-addr
    add action=drop chain=input comment="" disabled=no dst-port=23 protocol=tcp \
    src-address-list=WARN-TELNET
    add action=accept chain=input comment="" disabled=no dst-port=23 protocol=tcp \
    src-address-list=local-addr
    add action=add-src-to-address-list address-list=WARN-WEB \
    address-list-timeout=1d chain=input comment=WEB disabled=no dst-port=80 \
    protocol=tcp src-address-list=!local-addr
    add action=drop chain=input comment="" disabled=no dst-port=80 protocol=tcp \
    src-address-list=WARN-WEB
    add action=accept chain=input comment="" disabled=no dst-port=80 protocol=tcp \
    src-address-list=local-addr
    add action=add-src-to-address-list address-list=WARN-WINBOX \
    address-list-timeout=1d chain=input comment=WINBOX disabled=no dst-port=\
    8291 protocol=tcp src-address-list=!local-addr
    add action=drop chain=input comment="" disabled=no dst-port=8291 protocol=tcp \
    src-address-list=WARN-WINBOX
    add action=accept chain=input comment="" disabled=no dst-port=8291 protocol=\
    tcp src-address-list=local-addr
    effeknya :
    Code:
    - dapet ip yg nyerang
    - ip tersebut bisa kita banned beberapa hari, tergantung address-list-timeout
    - jika ip tersebut menyerang lagi, maka akan langsung di drop
    - ip local bisa mengkases mikrotik
    - jika cuma ingin ip tertentu saja yang mengakses mikrotik, tinggal di utak atik di address-list aja

  9. The Following 4 Users Say Thank You to adh1et For This Useful Post:


  10. #6
    Status
    Offline
    yogihermanto's Avatar
    Baru Gabung
    Join Date
    Aug 2010
    Posts
    9
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Matiin aja Ip Firewall Service untuk SSH nya...atau ubah default port 22 untuk ssh menjadi port lain...

  11. The Following User Says Thank You to yogihermanto For This Useful Post:


  12. #7
    Status
    Offline
    kambeeng's Avatar
    Member Senior
    Join Date
    Jan 2008
    Posts
    483
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    disabled aja SSH nya Click here to enlarge

  13. The Following User Says Thank You to kambeeng For This Useful Post:


  14. #8
    Status
    Offline
    Joenhid's Avatar
    Member
    Join Date
    Aug 2009
    Posts
    115
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    wah.... sama gan saya jg pernah ada yg nyerang.

    di disable aja ssh nya.

  15. #9
    Status
    Offline
    thepekopon's Avatar
    Baru Gabung
    Join Date
    Aug 2010
    Posts
    9
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by electrix_85 Click here to enlarge
    mendingan ssh service allow dari Local Network aja
    hanya winbox yang dari 0.0.0.0/0
    Click here to enlarge Originally Posted by adh1et Click here to enlarge
    udah coba gini gan? CMIIW



    effeknya :
    Code:
    - dapet ip yg nyerang
    - ip tersebut bisa kita banned beberapa hari, tergantung address-list-timeout
    - jika ip tersebut menyerang lagi, maka akan langsung di drop
    - ip local bisa mengkases mikrotik
    - jika cuma ingin ip tertentu saja yang mengakses mikrotik, tinggal di utak atik di address-list aja
    Click here to enlarge Originally Posted by yogihermanto Click here to enlarge
    Matiin aja Ip Firewall Service untuk SSH nya...atau ubah default port 22 untuk ssh menjadi port lain...
    Click here to enlarge Originally Posted by kambeeng Click here to enlarge
    disabled aja SSH nya Click here to enlarge
    Click here to enlarge Originally Posted by Joenhid Click here to enlarge
    wah.... sama gan saya jg pernah ada yg nyerang.

    di disable aja ssh nya.
    makasih gan.. udah berhasil Click here to enlarge

  16. The Following User Says Thank You to thepekopon For This Useful Post:


  17. #10
    Status
    Offline
    tnt
    tnt's Avatar
    Member Senior
    Join Date
    Aug 2009
    Location
    Jember, Indonesia
    Posts
    416
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by kweteng Click here to enlarge
    Code:
     /ip service set ssh port=222
    nek aku
    Code:
     /ip service set ssh port=2223
    hehehe..... Click here to enlargeClick here to enlargeClick here to enlarge

  18. The Following User Says Thank You to tnt For This Useful Post:


 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Tolong donk, Mikrotik saya diserang terus :(
    By Spongebob_kerenz in forum General Networking
    Replies: 20
    Last Post: 18-07-2012, 12:57
  2. Replies: 7
    Last Post: 31-12-2010, 18:26
  3. Error Message dari Radius Server tidak tampil di Mikrotik
    By kangdal in forum HotSpot, The Dude & User Manager
    Replies: 0
    Last Post: 12-04-2010, 18:26
  4. Jual Rack Server Hp Compaq dari (war-com.com)
    By infowarcom in forum Lapak serba-serbi
    Replies: 25
    Last Post: 30-01-2010, 12:09
  5. Melindungi Server dari IP Conflict
    By mybiring in forum General Networking
    Replies: 5
    Last Post: 16-01-2010, 22:43

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •