kajege

drop brute force

May 11th, 2017
```
#drop_ftp

/ip firewall filter
# No action is given, so the default (accept) applies: "530 Login incorrect"
# replies pass while they stay within the dst-limit rate for that client.
add chain=output comment="Drop FTP Brute Forcers" content=\
"530 Login incorrect" dst-limit=1/1m,9,dst-address/1m protocol=tcp
# Replies over the limit reach this rule; the client is blacklisted for 1 day.
add action=add-dst-to-address-list address-list=FTP_BlackList \
address-list-timeout=1d chain=output content="530 Login incorrect" \
protocol=tcp
add action=drop chain=input dst-port=21 protocol=tcp src-address-list=\
FTP_BlackList

#drop_ssh_telnet

/ip firewall filter
# add-src-to-address-list does not stop rule processing, so the stages are
# checked from highest to lowest. In ascending order a single new connection
# would match every stage in turn and land in IP_BlackList immediately.
add action=add-src-to-address-list address-list=IP_BlackList \
address-list-timeout=1d chain=input comment=\
"Drop SSH&TELNET Brute Forcers" connection-state=new dst-port=22-23 \
protocol=tcp src-address-list=SSH_BlackList_3
add action=add-src-to-address-list address-list=SSH_BlackList_3 \
address-list-timeout=1m chain=input connection-state=new dst-port=\
22-23 protocol=tcp src-address-list=SSH_BlackList_2
add action=add-src-to-address-list address-list=SSH_BlackList_2 \
address-list-timeout=1m chain=input connection-state=new dst-port=\
22-23 protocol=tcp src-address-list=SSH_BlackList_1
add action=add-src-to-address-list address-list=SSH_BlackList_1 \
address-list-timeout=1m chain=input connection-state=new dst-port=22-23 \
protocol=tcp
# The fourth new connection within the 1m stage timeouts is dropped here.
add action=drop chain=input dst-port=22-23 protocol=tcp \
src-address-list=IP_BlackList
```
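The SSH/Telnet rules escalate a source through staged address lists, and the order of those stage rules decides how many new connections it takes to reach IP_BlackList. The following is an added example, not part of the paste: a small Python model of the rule walk, assuming that add-src-to-address-list is a passthrough action whose new entry is visible to later rules for the same packet, and ignoring list timeouts. The function names and the source address 192.0.2.10 are constructed for illustration.

```python
# Simplified model of the staged SSH/Telnet rules (not RouterOS code).
# Assumptions: add-src-to-address-list never terminates rule processing,
# a freshly added entry is matched by later rules for the same packet,
# and all attempts arrive before any 1m list timeout expires.

STAGES = ["SSH_BlackList_1", "SSH_BlackList_2", "SSH_BlackList_3", "IP_BlackList"]

# Each stage rule: (src-address-list required to match or None, list to add to).
ASCENDING = [(None, STAGES[0])] + [(STAGES[i], STAGES[i + 1]) for i in range(3)]
DESCENDING = list(reversed(ASCENDING))  # highest stage checked first


def handle_new_connection(src, stage_rules, lists):
    """Walk one new TCP connection to port 22-23 through the stage rules,
    then through the final drop rule. Returns "drop" or "accept"."""
    for required, target in stage_rules:
        if required is None or src in lists[required]:
            lists[target].add(src)  # passthrough: evaluation continues
    return "drop" if src in lists["IP_BlackList"] else "accept"


def verdicts(stage_rules, attempts=5, src="192.0.2.10"):
    """Verdict for each of `attempts` consecutive new connections from src."""
    lists = {name: set() for name in STAGES}
    return [handle_new_connection(src, stage_rules, lists) for _ in range(attempts)]


if __name__ == "__main__":
    print("ascending :", verdicts(ASCENDING))
    print("descending:", verdicts(DESCENDING))
```

With the stages in ascending order the very first connection is blacklisted; in descending order three connections are accepted and the fourth is dropped.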