Sunday, November 30, 2008
Blocking Winbox and Neighbor Scans on Mikrotik
Sometimes an ISP or service provider is not careful enough about protecting its customers, especially when the router protecting those customers runs Mikrotik RouterOS. By running IP > Neighbor, we can see the other Mikrotik routers that are physically connected to our router through the provider's network.
We can protect against this in various ways, such as blocking Winbox scans and neighbor discovery. Here is the easy way:
[admin@mikrotik] interface bridge> filter print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; block discovery mikrotik
chain=forward in-interface=ether1 mac-protocol=ip dst-port=5678
ip-protocol=udp action=drop
1 ;;; block discovery mikrotik
chain=input in-interface=ether1 mac-protocol=ip dst-port=5678
ip-protocol=udp action=drop
2 ;;; block discovery mikrotik
chain=output mac-protocol=ip dst-port=5678 ip-protocol=udp action=drop
3 ;;; block winbox mikrotik
chain=input in-interface=ether1 mac-protocol=ip dst-port=8291
ip-protocol=tcp action=drop
4 ;;; block winbox mikrotik
chain=forward in-interface=ether1 mac-protocol=ip dst-port=8291
ip-protocol=tcp action=drop
5 ;;; block request DHCP
chain=input mac-protocol=ip dst-port=68 ip-protocol=udp action=drop
6 ;;; block request DHCP
chain=forward mac-protocol=ip dst-port=68 ip-protocol=udp action=drop
7 ;;; block request DHCP
chain=output mac-protocol=ip dst-port=68 ip-protocol=udp action=drop
With these rules we can shut out some scans, especially those made with Winbox and IP neighbor. The ports above are among the shared Mikrotik RouterOS services that are needed for monitoring.
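A rule listing like the one above is easy to mistype when it is copied by hand, and one misspelled property name leaves a port open. The following check is an added example, not part of the original post: it parses a listing in the same layout, reports tokens that are not valid `key=value` properties, and confirms that drops for UDP 5678 and TCP 8291 exist on both the input and forward chains for ether1. The function names and the sample listing are constructed for illustration.

```python
import re

# Property names used by the rules shown in the post.
KNOWN_KEYS = {"chain", "in-interface", "mac-protocol", "dst-port", "ip-protocol", "action"}
# (chain, ip-protocol, dst-port) drops the post applies to traffic entering ether1.
REQUIRED = {("input", "udp", "5678"), ("forward", "udp", "5678"),
            ("input", "tcp", "8291"), ("forward", "tcp", "8291")}
# Constructed sample listing; rule 2 has a misspelled property name.
SAMPLE = """Flags: X - disabled, I - invalid, D - dynamic
 0 ;;; block discovery mikrotik
   chain=forward in-interface=ether1 mac-protocol=ip dst-port=5678
   ip-protocol=udp action=drop
 1 ;;; block discovery mikrotik
   chain=input in-interface=ether1 mac-protocol=ip dst-port=5678 ip-protocol=udp action=drop
 2 ;;; block winbox mikrotik
   chain=input in-interface=ether1 mac-portocol=ip dst-port=8291 ip-protocol=tcp action=drop
 3 ;;; block winbox mikrotik
   chain=forward in-interface=ether1 mac-protocol=ip dst-port=8291 ip-protocol=tcp action=drop
"""

def parse_rules(text):
    """Turn a bridge filter listing into dicts; unrecognised tokens go to 'bad'."""
    rules = []
    for line in map(str.strip, text.splitlines()):
        head = re.match(r"(\d+)\s+(?:([XID])\s+)?(.*)", line)
        if head:  # "<index> [flag] ;;; comment" or "<index> [flag] key=value ..."
            rules.append({"id": int(head[1]), "off": head[2] == "X", "props": {}, "bad": []})
            line = "" if head[3].startswith(";;;") else head[3]
        if rules and not line.startswith("Flags"):
            for token in line.split():
                key, sep, value = token.partition("=")
                if sep and key in KNOWN_KEYS and "=" not in value:
                    rules[-1]["props"][key] = value
                else:
                    rules[-1]["bad"].append(token)
    return rules

def audit(text, uplink="ether1"):
    """Return (misspelled tokens, required drops that no valid rule covers)."""
    typos, covered = [], set()
    for r in parse_rules(text):
        p = r["props"]
        typos += [(r["id"], t) for t in r["bad"]]
        usable = not r["bad"] and not r["off"] and p.get("action") == "drop"
        if usable and p.get("mac-protocol") == "ip" and p.get("in-interface", uplink) == uplink:
            covered.add((p.get("chain"), p.get("ip-protocol"), p.get("dst-port")))
    return typos, sorted(REQUIRED - covered)

print(audit(SAMPLE))
```

A rule with a bad token or the X (disabled) flag is treated as providing no coverage, so the port it was meant to block shows up in the second list.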