Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 1 of 2 12 LastLast
Results 1 to 15 of 27

Thread: Hack Mikrotik

  1. #1
    Status
    Offline
    margarine's Avatar
    Newbie
    Join Date
    Aug 2010
    Location
    Surabaya
    Posts
    65
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0

    Hack Mikrotik

    om master semua...
    minta tolong dunk...
    ane ngerasa ada yang mencoba hack jaringan ane om..Click here to enlarge
    jadi pas ane mau nyoba buka terminal, langsung ada pesan yang tampil..
    isi pesannya:
    Code:
    jan/02/1970 12:43:55 system,error,critical login failure for user root from 174.132.207.250 via ssh
    [admin@MikroTik] >
    ane heran itu ip dari mana. padahal setingan ip address dan route ane:
    Code:
    [admin@MikroTik] > ip route pr
    Flags: X - disabled, A - active, D - dynamic, 
    C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
    B - blackhole, U - unreachable, P - prohibit 
     #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
     0 ADS  0.0.0.0/0                          180.247.60.1       1       
     1 ADC  10.126.177.0/24    10.126.177.1    ether3-wifi        0       
     2 ADC  180.247.60.1/32    180.247.60.11   Line-Speedy        0       
     3 ADC  192.168.117.0/24   192.168.117.117 ether1-modem       0       
     4 ADC  192.168.177.0/24   192.168.177.1   ether2-lokal       0       
    [admin@MikroTik] > ip address pr
    Flags: X - disabled, I - invalid, D - dynamic 
     #   ADDRESS            NETWORK         BROADCAST       INTERFACE                        
     0   192.168.117.117/24 192.168.117.0   192.168.117.255 ether1-modem                     
     1   192.168.177.1/24   192.168.177.0   192.168.177.255 ether2-lokal                     
     2   10.126.177.1/24    10.126.177.0    10.126.177.255  ether3-wifi                      
     3 D 180.247.60.11/32   180.247.60.1    0.0.0.0         Line-Speedy                      
    [admin@MikroTik] >
    trus waktu ane nyoba ping ke google gak bisa..
    Code:
    [admin@MikroTik] > 
    [admin@MikroTik] > ping google.com
    invalid value for argument address
    setelah ane troubleshooting pake windows ada pesan gak bisa konek ke dns
    trus ane cek dns ane:
    Code:
    [admin@MikroTik] > ip dns pr
                    servers: 125.160.4.82,125.160.2.34
      allow-remote-requests: no
        max-udp-packet-size: 512
                 cache-size: 2048KiB
              cache-max-ttl: 1w
                 cache-used: 9KiB
    [admin@MikroTik] >
    ternyata dns ane udah berubah...padahal sebelumnya ane nyeting dns speedy.Click here to enlarge
    ne setingan dns ane tanggal 8 januari 2011. dan ane gak pernah nyeting dns setelah itu..
    Code:
    [admin@MikroTik] > ip dns export
    # jan/02/1970 08:22:46 by RouterOS 4.16
    # software id = 3EAS-12AX
    #
    /ip dns
    set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB \
        max-udp-packet-size=512 servers=202.134.1.10,202.134.0.115
    gmn dunk om solusinya??need help...Click here to enlarge

  2. #2
    Status
    Offline
    onomlakbok's Avatar
    Newbie
    Join Date
    Jul 2010
    Posts
    65
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    coba dari yg paling mudah dulu
    user+pass harus d ganti jangan standar
    buat user+pass yg sekuat mungkin security-nya
    kaya gini kali ==> r_ezNs*BAb2k%rxdHC7s#v!f4$sPT=m*_MTd_&#KyBQWJ5X9mz Rqag=f?UTa9sxc
    Click here to enlarge

  3. #3
    Status
    Offline
    tnt
    tnt's Avatar
    Member Senior
    Join Date
    Aug 2009
    Location
    Jember, Indonesia
    Posts
    416
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by onomlakbok Click here to enlarge
    coba dari yg paling mudah dulu
    user+pass harus d ganti jangan standar
    buat user+pass yg sekuat mungkin security-nya
    kaya gini kali ==> r_ezNs*BAb2k%rxdHC7s#v!f4$sPT=m*_MTd_&#KyBQWJ5X9mz Rqag=f?UTa9sxc
    Click here to enlarge
    mantep tuh password nya... Click here to enlargeClick here to enlargeClick here to enlargeClick here to enlarge

    tapi lebih mantep juga kalo waktu lupa,,, Click here to enlargeClick here to enlarge tinggal Click here to enlargeClick here to enlargeClick here to enlarge aja,,,

  4. #4
    Status
    Offline
    cakepalam's Avatar
    Member
    Join Date
    Mar 2010
    Location
    Makassar
    Posts
    168
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ganti pass Click here to enlarge

  5. #5
    Status
    Offline
    margarine's Avatar
    Newbie
    Join Date
    Aug 2010
    Location
    Surabaya
    Posts
    65
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by onomlakbok Click here to enlarge
    coba dari yg paling mudah dulu
    user+pass harus d ganti jangan standar
    buat user+pass yg sekuat mungkin security-nya
    kaya gini kali ==> r_ezNs*BAb2k%rxdHC7s#v!f4$sPT=m*_MTd_&#KyBQWJ5X9mz Rqag=f?UTa9sxc
    Click here to enlarge
    perasaan password ane udah kuat deh om...
    karena password ane 12 digit, bukan kalimat, kombinasi huruf dan angka...
    terdiri dari 5 angka, 7 huruf dan sama sekali tidak bisa dibaca karena hurufnya konsonan semua...
    apa benar karena password om?
    maaf om bukan gak menghargai jawabannya, tapi kalo emang bnran password kok bisa terdeteksi??
    pass ane hampir mirip dengan usulan om kok..tapi gak njelimet gtuClick here to enlarge

  6. #6
    Status
    Offline
    DuaCe's Avatar
    Calon Member
    Join Date
    Aug 2009
    Posts
    87
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Gimana kalo port SSH nya diganti, misalnya dari 22 jadi 223 atau 222 atau berapa lah yang kira-kira gak kepake hehehe..., kalo gak coba deh cari firewall untuk blocking IP yang coba2 pake brute force ke mikrotik Anda.

  7. #7
    Status
    Offline
    kambeeng's Avatar
    Member Senior
    Join Date
    Jan 2008
    Posts
    483
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    Disabled aja SSH nya .. atau DROP SSH Yang berasal dari Luar Dari IP selain yang kita Akkow Click here to enlarge

  8. #8
    Status
    Offline
    canon's Avatar
    Calon Member
    Join Date
    Dec 2010
    Location
    Sumut
    Posts
    92
    Reviews
    Read 0 Reviews
    Downloads
    4
    Uploads
    0
    Feedback Score
    0
    klu ga port ssh 22 nya disable aja. atau alternatif ya tinggal post aja ip yg mengarah dari luar di tutup.
    dan bisa gunakan rule ini :

    /ip firewall nat
    add action=add-src-to-address-list address-list=BlacklistLogSSH \
    address-list-timeout=5h chain=dstnat comment=";;;Log SSH" disabled=no \
    dst-port=22 protocol=tcp

    ntar di address list tampak yg mencoba masuk Click here to enlarge

    semoga bermanfaat !!! Click here to enlarge

  9. The Following User Says Thank You to canon For This Useful Post:


  10. #9
    Status
    Offline
    whiely's Avatar
    Member Senior
    Join Date
    Jun 2010
    Location
    :unidentified:
    Posts
    423
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Wink

    Code:
    /ip service set port=22 disable=yes

  11. #10
    Status
    Offline
    Joenhid's Avatar
    Member
    Join Date
    Aug 2009
    Posts
    115
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by tnt Click here to enlarge
    mantep tuh password nya... Click here to enlargeClick here to enlargeClick here to enlargeClick here to enlarge

    tapi lebih mantep juga kalo waktu lupa,,, Click here to enlargeClick here to enlarge tinggal Click here to enlargeClick here to enlargeClick here to enlarge aja,,,
    klo bikin password yg ngejelimet.... bikin backup file aja, kan ada situs yg bisa lihat password mikrotik dari backup file nya Click here to enlarge

  12. #11
    Status
    Offline
    lini's Avatar
    Forum Guru
    Join Date
    Sep 2007
    Location
    Karawaci
    Posts
    1,961
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    2 (100%)
    ada setannya kali tuh router....Click here to enlarge
    itu lognya bilang login failure kok....lalu dns berubah.....hiiiiii Click here to enlarge

    Click here to enlarge

  13. #12
    Status
    Offline
    flazh's Avatar
    Member Senior
    Join Date
    Nov 2007
    Posts
    380
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    1 (100%)
    ada setting dhcp-client use peer dns kali
    masa iya ada hantu Click here to enlarge

  14. #13
    Status
    Offline
    s!mbahNET's Avatar
    Newbie
    Join Date
    Nov 2010
    Location
    Bantul, Djogjakarta
    Posts
    62
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    dl tmpat sy jg sering gan di brute forces lewat ssh, trs sy buatkan filter firewall dg sistem auto blacklist IP yg 3x gagal login.
    tp masih tetep aja ada yg cb login dg gnti" IP.
    lalu sy di sable aja ssh nya.
    mpe skarang dh gk ada tuh login failure via ssh di log MT.
    Click here to enlarge

  15. #14
    Status
    Offline
    jo_jo's Avatar
    Member
    Join Date
    Feb 2010
    Posts
    118
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    klo masalah dns ane jg ngalami udah diset 202.134.1.10 eh kadang2 balik lagi ke 125.160.2.34 apesnya lagi dns yg 125.160.2.34 akhir2 ini sering bermasalah ada yg punya solusinya gak? tp klo ip luar yg mncoba mncoba masuk lwt ssh mmang gk ada hubunganya dgn dnsnya biasalah itu orang iseng ato usil

  16. #15
    Status
    Offline
    rahwana's Avatar
    Forum Guru
    Join Date
    Nov 2007
    Location
    Sidoarjo, Jawa Timur, Indonesia, Indonesia
    Posts
    1,337
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    saya setuju untuk DNS : itu karena setting di dial PPOE-nya pasti use peer DNS.
    Untuk solusi 'dicoba dihack' saya rasa itu kan namanya juga coba2. Resikonya punya barang dengan ip public pasti tangan2 jahil gitu deh. Karena yang dicoba adalah masuk lewat ssh, maka didisable aja service SSH-nya di ip services atau diganti portnya ke port selain 22 misalnya 20022.

  17. The Following User Says Thank You to rahwana For This Useful Post:


 

 
Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Mikrotik di hack kah ?
    By dondon in forum General Networking
    Replies: 21
    Last Post: 03-10-2013, 22:25
  2. mikrotik hack
    By cupak in forum General Networking
    Replies: 11
    Last Post: 27-03-2010, 14:45
  3. Mikrotik Kena Hack
    By mikroseek in forum General Networking
    Replies: 28
    Last Post: 06-12-2009, 10:08
  4. Lomba Hack Mikrotik
    By xeon in forum News & Events
    Replies: 262
    Last Post: 25-09-2009, 15:35
  5. help: somebody will hack my router??
    By xxx123 in forum General Networking
    Replies: 18
    Last Post: 12-01-2008, 00:30

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •