MikroTik

suporteitanet

:global cond true; :global defGateway; :global j 0; :while ($cond) do={:foreach i in=[/ip route find] do={:if ([:typeof [:find [/ip route get $i dst-address] 0.0.0.0/0 ]]!="nil" ) do={:set defGateway [/ip route get $i gateway];:set cond false; }}} {:do {:set j ($j + 1)} while (($j < 60) &...

suporteitanet

Because you need to define used variables in script. /system script add name=Netwatch policy=ftp,read,write,policy,test,reboot source={:global i 0;:local gat $defGateway ;{:do {:set i ($i + 1)} while (($i < 60) && ([/ping $gat interval=5 count=1]=0))};:if ($i=60 ) do={:log info "Reboot...

suporteitanet

Hi, I have two scripts, one to update the default gateway e other to ping in default gateway and reboot case the timeout excedds 60.But the timeout script not workin when is schedulled. Gateway script :global defGateway;:foreach i in=[/ip route find] do={:if ([:typeof [:find [/ip route get $i active...

suporteitanet

Greetings ,

I need translate this algorithm to Routeros scripting language. If someone can help me i will apreciate .

int ping [10] , i , sum, avgping, actping ;
sum=0;

for (i=1;i<=10;i++)
{
actping = ping
sum=sum+actping
}
avgping=sum / i

Thanks in advance.

suporteitanet

http://www.readyradius.com Can log all Users URL's visited. You can setup a 24/7 Logging Report. Every URL, every user visits is recorded, date stamped and then a report is created every 24 hours and automatically emailed to you. Data Logged: Users Session ID Mac ID Log Time ( of URL ) URL Visited ...

suporteitanet

Have you looked into Traffic Flow? It is a built in feature that parses that info the to a Traffic Flow collector. There are several pieces of software on the market that you can use to collect the Traffic Flow information and it meets all of the regulations relating to this. Ntop can collect the T...

suporteitanet

Hi, I need keep the log of all connections make by our customers (we are a ISP) , because the police of my country want is . At this moment I'm using this below code to catch all connections , but I'm just starting to work with firewall , and I'm not sure if it its the correct way. Additional inform...

suporteitanet

There is no syslog server functionality in ros. I asked some time ago for it - seems it is not enough public requirement for this.

Thanks for answering me.

suporteitanet

Hello there community,

I can create a SyslogServer on a device with RouterOS instead of Linux? I want store in this machine logs of all devices in my network and use a Log Analyzer script to take some action based on the reading log.

PS: Sorry for my bad english.

suporteitanet

You can configure a rogue DHCP-server alarm on your DHCP-server Tis for see if somebody else turn a DHCP-server on your network. See on my website how to do this http://www.wirelessinfo.be/index.php/mikrotik/pages/dhcp-alerte IF you have set the roque DHCP-server alarm a email will sent to you. In ...

suporteitanet

add a new firewall rule

Like this on the printscreens a made.

You can read the ip-address in "address lists" who try login and block these for 10 days

Ty for help me .The last ask , its possible someone use the same ip (public ip) of my routerboard and this is dangerous?

suporteitanet

Sorry but i duplicate this forum ,( i am newbie here) , so the correct forum is http://forum.mikrotik.com/viewtopic.php ... 17#p429017.

Sorry about this.

suporteitanet

can you show the logfile please?

DHCP-alert for detect roque DHCP-servers?

suporteitanet

Are you sure that router is the originator of the attack? Or some computer behind it?

The router isnt the originator of the attack,.I'm sure about this, however the ip (public ip) is a source of attack.

suporteitanet

Ty everyone , for the fast response. I will close the topic.

suporteitanet

Is the standard gateway a Mikrotik machine?

Yes .Mikrotik CCR.

suporteitanet

Greetings ,for the last days, every time I open the log, I see a list of critical login failures via ssh and telnet and the source ip belongs to my network. Is possible someone has copied this ip, placed in a device and be trying invade the routerboard? Sorry for my bad English , but I am worried ab...

suporteitanet

Hello there community ,

I am under ssh attack from one ip of my network ( the gateway ) , maybe someone scan my network range and set my ip in some device? This started after i drop all external ips of network of ssh and telnet ports.

suporteitanet

One of my routerboards (the gateway of my network) are trying to access the others network ips via ssh and telnet. The log them is showing several trials and logins errors like brute force. A virus maybe?

Thanks in advance and sorry for bad english.

Search found 19 matches

Re: Script not workin when schedulled, but work in terminal

Re: Script not workin when schedulled, but work in terminal

Script not workin when schedulled, but work in terminal

Average ping using array .

Re: Log all connections in Rsyslog

Re: Log all connections in Rsyslog

Log all connections in Rsyslog

Re: Syslog Server in RouterOs Desktop

Syslog Server in RouterOs Desktop

Re: Ssh bruteforce atack inside my network.

Re: Ssh bruteforce atack inside my network.

Re: Ssh bruteforce attack ,and the source is my network gate

Re: Ssh bruteforce atack inside my network.

Re: Ssh bruteforce atack inside my network.

Re: SSH attack

Re: Ssh bruteforce attack ,and the source is my network gate

SSH attack

Ssh bruteforce attack ,and the source is my network gateway.

Ssh bruteforce atack inside my network.