MikroTik

Community discussions
https://forum.mikrotik.com/

Bruteforce ssh prevention

https://forum.mikrotik.com/viewtopic.php?t=91221

Page 1 of 1

Bruteforce ssh prevention

Posted: Thu Nov 13, 2014 3:12 am
by cavaughan
I added the firewall filters to help prevent bruteforce logins on ssh per the instruction at:

http://wiki.mikrotik.com/wiki/Bruteforc ... %26_SSH%29

I see continual attempts that trace back to China trying to ssh in, but when I go to: /ip firewall address-list and issue print command, nothing is ever there.
Is there something else I need to do?

Since posting this I also found the following suggestion and changed everything accordingly
.
http://forum.mikrotik.com/viewtopic.php ... te#p439986

Re: Bruteforce ssh prevention

Posted: Sat Nov 15, 2014 12:57 am
by cavaughan
So, the latter in my understanding of what it should do is not working. I'm watching right now attempted ssh logins, dozens in a row from the same ip all for root. But the rules never applied. Any ideas what's going on?

Re: Bruteforce ssh prevention

Posted: Tue Dec 16, 2014 2:32 pm
by eyegeegeewhy
I could never get this working either

Re: Bruteforce ssh prevention

Posted: Tue Dec 16, 2014 3:14 pm
by jarda
Check the rules order and if address lists are filled.
All times are UTC+02:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/