Community discussions

MikroTik App
  4. RouterOS
  5. Scripting

Auto ban script

Post Reply
 
scap
newbie
Topic Author
Posts: 25
Joined: Thu Feb 09, 2006 12:33 am

Auto ban script

Thu Mar 09, 2006 11:31 am

I need auto ban script for mikrotik. My server under attack from too many ip addreses. I know which ips are attacker's ips but I need mikrotik download one text file and block that ip addresses.

how can I do this?

server can give plain text file ever line one ip address
mikrotik first flush old ips than put new ip addresses.
Top
 
changeip
Forum Guru
Forum Guru
Posts: 3833
Joined: Fri May 28, 2004 5:22 pm

Thu Mar 09, 2006 6:44 pm

A suggestion would be to setup a rule that watches ICMP pings of size XYZ, if found, add destination to an address-list and cancel the ping. This allows you to build an address-list on the fly from a machine behind your firewall. You can then firewall based on entries in that list. Entries will automatically fall off the list when their TTL is expired.

Just a suggestion - if its a busy router though performance will suffer if being attacked probably.

Sam
Top
 
scap
newbie
Topic Author
Posts: 25
Joined: Thu Feb 09, 2006 12:33 am

Thu Mar 09, 2006 9:32 pm

Attackers request an address from server (port 80). I write a rule to mikrotik. It fixed server load ,little. Do you offer diffrent way to stop this?

General
TCP

Advanced
TCP Flags SYN

Extra
Rate 1/sec
Burst 2
limit by src and dst addresses
Expire 40000 ms
Top
 
sash555
just joined
Posts: 11
Joined: Tue Nov 09, 2010 11:28 am

Re: Auto ban script

Sun Jun 24, 2012 2:38 pm

http://wiki.mikrotik.com/wiki/Bruteforc ... prevention
Top
Post Reply

Who is online

Users browsing this forum: No registered users and 10 guests
  4. RouterOS
  5. Scripting