como bloquear tentativas de ataques a Mikrotik

Acesse a Mikrotik pelo WimBox, vá até o “New Terminal” e cole o texto abaixo

/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
“place hotspot rules here” disabled=yes
add action=drop chain=input comment=”DROP SSH BRUTE FORCERS ( BLACK LIST )” \
disabled=no dst-port=22 protocol=tcp src-address-list=ssh_blacklist
add action=add-src-to-address-list address-list=ssh_blacklist \
address-list-timeout=4w2d chain=input comment=”” connection-state=new \
disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_stage3 \
address-list-timeout=1m chain=input comment=”” connection-state=new \
disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage2 \
address-list-timeout=1m chain=input comment=”” connection-state=new \
disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage1 \
address-list-timeout=1m chain=input comment=”” connection-state=new \
disabled=no dst-port=22 protocol=tcp
add action=drop chain=input comment=”BLOQUEIO SSH – PORT 22-23″ disabled=no \
dst-port=22-23 protocol=tcp

/ip firewall filter
add chain=input protocol=tcp dst-port=21 src-address-list=ftp_blacklist action=drop comment=”BARRAR BRUTE FORCA PARA FTP”
add chain=output action=accept protocol=tcp content=”530 Login incorrect” dst-limit=1/1m,9,dst-address/1m
add chain=output action=add-dst-to-address-list protocol=tcp content=”530 Login incorrect” address-list=ftp_blacklist address-list-timeout=3h

/ip firewall filter
add action=add-src-to-address-list address-list=bloqueados address-list-timeout=20h chain=input comment=”Adiciona Port Scanners a lista de bloqueados por 99hs” disabled=no protocol=tcp psd=20,3s,3,1

add action=add-src-to-address-list address-list=bloqueados address-list-timeout=20h chain=input comment=”Adiciona Mass Scanners a lista de bloqueados por 99hs” disabled=no protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack

add action=add-src-to-address-list address-list=bloqueados address-list-timeout=20h chain=input comment=”Adiciona Null Scanners a lista de bloqueados por 99hs” disabled=no protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg

Pressione “Enter” a cada parágrafo e após finalizar a Mikrotik vai ficar protegida contra ataques via SSH