  1. #1
    vitamin-c

    [help] Script to block IPs that keep trying to log in

    Is it possible to make a script that automatically blocks an IP that keeps trying to log in (login failure > 5 times), whether via winbox, webbox, or ftp, and then releases that IP again after 1 hour...?

    Please help, MikroTik masters...

    thanks

  2. #2
    [a]

    Good idea...

    Same as vBulletin, right: 5 bad logins... and it's bye-bye right away...

    Has anyone seen a script like this before....?


  3. #3
    okto_2005

    Originally Posted by vitamin-c
        Is it possible to make a script that automatically blocks an IP that keeps trying to log in (login failure > 5 times), whether via winbox, webbox, or ftp, and then releases that IP again after 1 hour...?

        Please help, MikroTik masters...

        thanks

    We can add IPs that try to get in to a blacklist; an example for ssh is as follows:

    Below is for the first login attempt; if they persist, they are processed to the next stage.
    Code:
    / ip firewall filter
    # Rules are evaluated top to bottom and add-src-to-address-list does not stop
    # processing, so the later stages come first; listed first-to-last, a single
    # new connection would pass through every stage and be blacklisted at once.

    # stage 3 -> black_list (banned for 1 day)
    add chain=input protocol=tcp dst-port=22 connection-state=new \
    src-address-list=bl_list_ssh3 action=add-src-to-address-list address-list=black_list address-list-timeout=1d \
    comment="" disabled=no

    # stage 2 -> stage 3
    add chain=input protocol=tcp dst-port=22 connection-state=new \
    src-address-list=bl_list_ssh2 action=add-src-to-address-list address-list=bl_list_ssh3 address-list-timeout=1m \
    comment="" disabled=no

    # stage 1 -> stage 2
    add chain=input protocol=tcp dst-port=22 connection-state=new \
    src-address-list=bl_list_ssh1 action=add-src-to-address-list address-list=bl_list_ssh2 address-list-timeout=1m \
    comment="" disabled=no

    # first new connection -> stage 1
    add chain=input protocol=tcp dst-port=22 connection-state=new \
    action=add-src-to-address-list address-list=bl_list_ssh1 address-list-timeout=1m comment="" \
    disabled=no
    So in the end, if they still persist after 3 tries and keep trying to get in, their IP is banned for 1 day (see the timeout above).

    Code:
    / ip firewall filter
    add chain=input protocol=tcp dst-port=22 src-address-list=black_list action=drop \
    comment="drop ssh brute forcers" disabled=no

    Method 2, simpler:
    Code:
    / ip firewall filter
    # drop blacklisted sources; "530 Login incorrect" is an FTP server reply, so the
    # drop is on the FTP port and reads the same list that the last rule fills
    add chain=input in-interface=ether1 protocol=tcp dst-port=21 src-address-list=blacklist action=drop
    
    # accept 10 incorrect logins per minute
    / ip firewall filter
    add chain=output action=accept protocol=tcp content=530 Login incorrect dst-limit=1/1m,9,dst-address/1m
    
    #add to blacklist
    add chain=output action=add-dst-to-address-list protocol=tcp content=530 Login incorrect address-list=blacklist address-list-timeout=3h
    With the code above, if someone tries to log in 10 times within 1 minute (see the second line of the script, dst-limit=1/1m,9), on the tenth login they go on the blacklist and are banned for 3 hours (address-list=blacklist address-list-timeout=3h).

    If you want a range, that works too: just set the port to dst-port=21-23 (for ftp, ssh, telnet).
    Last edited by okto_2005; 08-08-2007 at 04:55.

  4. The Following 31 Users Say Thank You to okto_2005 For This Useful Post:
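
Added example (not part of the original post or of RouterOS): a small Python model of the four staged SSH rules from post #3, showing why their order in the filter table matters. It assumes that add-src-to-address-list lets the packet continue to the next rule; the class, function names and the source address are constructed for illustration.

```python
# Simplified model of RouterOS filter rules that use add-src-to-address-list.
# Assumption: the action is non-terminating, so a packet that matches one rule
# is still evaluated against the rules after it. Timeouts are refreshed on
# every match, which does not affect the results shown here.

# (list the source must already be in, list to add it to, timeout in seconds)
STAGES_FIRST_TO_LAST = [
    (None, "bl_list_ssh1", 60),
    ("bl_list_ssh1", "bl_list_ssh2", 60),
    ("bl_list_ssh2", "bl_list_ssh3", 60),
    ("bl_list_ssh3", "black_list", 86400),
]
STAGES_LAST_TO_FIRST = list(reversed(STAGES_FIRST_TO_LAST))


class Router:
    def __init__(self, rules):
        self.rules = rules
        self.lists = {}  # (list name, ip) -> expiry time in seconds

    def in_list(self, name, ip, now):
        return self.lists.get((name, ip), 0) > now

    def new_connection(self, ip, now):
        """Run one new TCP/22 connection through the rules; True if dropped."""
        if self.in_list("black_list", ip, now):
            return True  # models the separate drop rule for black_list
        for required, target, timeout in self.rules:
            if required is None or self.in_list(required, ip, now):
                self.lists[(target, ip)] = now + timeout
        return False


def connections_until_blacklisted(rules, gap_seconds, limit=20):
    """Count connections from one source until black_list contains it."""
    router, ip = Router(rules), "192.0.2.10"  # constructed test address
    for n in range(1, limit + 1):
        now = (n - 1) * gap_seconds
        router.new_connection(ip, now)
        if router.in_list("black_list", ip, now):
            return n
    return None


if __name__ == "__main__":
    print(connections_until_blacklisted(STAGES_FIRST_TO_LAST, 10))
    print(connections_until_blacklisted(STAGES_LAST_TO_FIRST, 10))
    print(connections_until_blacklisted(STAGES_LAST_TO_FIRST, 90))
```

With the stages listed first to last, one connection is enough to reach black_list; listed last to first, it takes four connections inside the 1m timeouts, and a source that waits longer than the timeout between connections never escalates.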



  5. #4
    vitamin-c

    @ Admin
    Yes, like the vBulletin login, boss..

    @ okto_2005
    Bro okto, thanks a lot for the enlightenment. I'm trying the 2nd method now, just waiting for the results..

    Oh, and the ......content=530........ part of the command, what does it do..?
    And the ..........Login incorrect...... part, I removed it because it couldn't be entered in the command. Is that right? Does it have any effect?

    I'm using MikroTik 2.9.27..

    thanks.

  6. #5
    okto_2005

    Ehhh, don't!

    That should be one piece:
    content="530 Login incorrect"

  7. The Following 2 Users Say Thank You to okto_2005 For This Useful Post:


  8. #6
    vitamin-c

    Oooh. OK, great, it's been fixed..

    Thanks a lot...

  9. #7
    iannilianto

    Cool... thanks for the info... I'll give it a try.

  10. #8
    d3v4

    If you forget or mistype your own password, this is going to be a headache ..........

    It would be good to add that if your own local network fails to log in repeatedly, it doesn't go on the blacklist.

  11. #9
    okto_2005

    Sure, that can be done... in the firewall section just add interface=WAN (or else interface=!LAN, for those with multiple ISPs).

  12. #10
    d3v4

    Originally Posted by okto_2005
        Sure, that can be done... in the firewall section just add interface=WAN (or else interface=!LAN, for those with multiple ISPs).

    Right.. if you don't add it, you could end up out of luck yourself.

    The weapon turns on its own master.

  13. #11
    [a]

    Right....

    Otherwise, when there's a problem, you'd have to tell the user... sorry, I can't get into the router... hang on a bit, have a coffee first... there are fried bananas here.. want some?

  14. #12
    d3v4

    Originally Posted by [a]
        Right....

        Otherwise, when there's a problem, you'd have to tell the user... sorry, I can't get into the router... hang on a bit, have a coffee first... there are fried bananas here.. want some?

    Hahahahahaha

  15. #13
    [a]

    The tutorial has been written up...

    Thanks to okto_2005 for being the first to share this...

  16. #14
    dobelden

    Originally Posted by d3v4
        Right.. if you don't add it, you could end up out of luck yourself.

        The weapon turns on its own master.

    If it comes to that, just reinstall.

  17. #15
    ace

    Cool........
