Tutorial: Blocking Winbox and Neighbor Scans on Mikrotik
Sometimes an ISP or service provider is not too keen on protecting its customers. This matters especially for customers who use Mikrotik RouterOS™. By opening IP > Neighbor on a Mikrotik router, we can see the other Mikrotik routers physically connected to ours through the provider's network.
We can protect against this in a variety of ways, such as blocking Winbox scans and Mikrotik neighbor discovery. Here is the easiest way:
[admin@mikrotik] interface bridge> filter print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; block discovery mikrotik
chain=forward in-interface=ether1 mac-protocol=ip dst-port=5678
ip-protocol=udp action=drop
1 ;;; block discovery mikrotik
chain=input in-interface=ether1 mac-protocol=ip dst-port=5678
ip-protocol=udp action=drop
2 ;;; block discovery mikrotik
chain=output mac-protocol=ip dst-port=5678 ip-protocol=udp action=drop
3 ;;; block winbox mikrotik
chain=input in-interface=ether1 mac-protocol=ip dst-port=8291
ip-protocol=tcp action=drop
4 ;;; block winbox mikrotik
chain=forward in-interface=ether1 mac-protocol=ip dst-port=8291
ip-protocol=tcp action=drop
5 ;;; block request DHCP
chain=input mac-protocol=ip dst-port=68 ip-protocol=udp action=drop
6 ;;; block request DHCP
chain=forward mac-protocol=ip dst-port=68 ip-protocol=udp action=drop
7 ;;; block request DHCP
chain=output mac-protocol=ip dst-port=68 ip-protocol=udp action=drop
With these rules we can block some scans, mainly those made with Mikrotik Winbox and Mikrotik IP neighbor. The ports above are among the ones Mikrotik RouterOS opens because Mikrotik monitoring needs them.
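An added example, not part of the original tutorial: a Python check that parses output in the filter print layout above and reports whether UDP 5678 (neighbor discovery) and TCP 8291 (Winbox) are dropped in both the input and forward chains, and whether such a rule is disabled or carries a comment that does not match its port. The sample text, the function names and the comment keywords are assumptions made for the illustration.

```python
import re
# Constructed sample in the print layout above; rule 1 is mislabelled, rule 2 disabled.
SAMPLE = """\
 0   ;;; block discovery mikrotik
     chain=input in-interface=ether1 mac-protocol=ip dst-port=5678
     ip-protocol=udp action=drop
 1   ;;; block discovery mikrotik
     chain=input in-interface=ether1 mac-protocol=ip dst-port=8291 ip-protocol=tcp action=drop
 2 X ;;; block winbox mikrotik
     chain=forward in-interface=ether1 mac-protocol=ip dst-port=8291 ip-protocol=tcp action=drop
"""
# Ports are the ones on the page; the expected comment keywords are an assumption.
SERVICES = {("udp", "5678"): "discovery", ("tcp", "8291"): "winbox"}

def parse_rules(text):
    """Turn printed rules into dicts: number, flags, comment, key=value props."""
    rules = []
    for line in text.splitlines():
        m = re.match(r"\s*(\d+)\s+((?:[XID]\s+)*)(.*)$", line)
        if m:  # header line: rule number, optional flags, then comment or props
            rules.append({"n": int(m[1]), "flags": m[2].split(), "comment": "", "props": {}})
            line = m[3]
            if line.startswith(";;;"):
                rules[-1]["comment"], line = line[3:].strip(), ""
        if rules:  # key=value pairs, possibly wrapped over several lines
            rules[-1]["props"].update(re.findall(r"([\w-]+)=(\S+)", line))
    return rules

def audit(rules):
    """Return (findings, coverage); findings are (rule number or None, message)."""
    findings, coverage = [], {svc: set() for svc in SERVICES}
    for r in rules:
        p = r["props"]
        svc = (p.get("ip-protocol"), p.get("dst-port"))
        if svc not in SERVICES or p.get("action") != "drop":
            continue
        if "X" in r["flags"]:  # a disabled rule gives no coverage
            findings.append((r["n"], "rule is disabled"))
            continue
        coverage[svc].add(p.get("chain"))
        if SERVICES[svc] not in r["comment"].lower():
            findings.append((r["n"], f"comment does not mention {SERVICES[svc]}"))
    for (proto, port), chains in coverage.items():
        findings += [(None, f"{port}/{proto} not dropped in chain={c}")
                     for c in ("input", "forward") if c not in chains]
    return findings, coverage

if __name__ == "__main__":
    print(*audit(parse_rules(SAMPLE))[0], sep="\n")
```

Replacing SAMPLE with the router's own print output audits the live rule set.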
credit : tutorial.multisolusi.com



November 5, 2009 | Posted by admin 