On my cisco routers I setup some basic firewalling rules.. or a better term would be filters. The things I filter are netbios packets ports 135 to 139, I also setup rules that only allow packets that destioned to the network and only allow packets out that are coming from that network.

Example:

Ethernet ip is 192.168.1.0 /24

on the serial interface I block all netbios incoming, block all ip that isn't destional 192.168.1.0 /24 and I block all outgoing netbios and ip that don't come form 192.168.1.0 /24

Is this a good practice to do on the mikrotik units as well? Do you recommend filterin on the eithernet port or the wireless interface?

-Michael

I prefer to use ethernet filtering. Maybe at the first step u can filter ping attack (protocol icmp) by drop this and later maybe u can learn how to filter by see what the traffic in-out you want to limit, by seeing tools-torch. with this tool u can see the traffic passed the router.

Thx,

i have cisco router that is serving almost 600 dialup users..i have same rules in cisco router as in my mikrotik..rather i have extra checks in my MKT as compared to cisco router. have a look at WIKI to get detailed filters that are recomended.


regds,
Asad