How to Protect Mikrotik from Hacker Attacks with Port Knocking: An Easy Steps by Steps Guide

How to Protect Mikrotik from Hacker Attacks with Port Knocking: Protection and security on Mikrotik routers is very important to maintain the continuity of our computer network. Especially to protect the Mikrotik router from hacker attacks and irresponsible people. One way to protect Mikrotik from Hacker Attacks is to use Port Knocking.

Port Knocking is one way to protect the proxy router from hacking or brute force by blocking Telnet, Mac Telnet, SSH or Winbox, and only opening access for administrators. In this way the network administrator can make changes to the settings on the router more securely.

The trick is to block the Telnet port, Mac Telnet, SSH or Winbox and when the admin wants to do the configuration on the proxy, it must send ICMP / ping packets and also port 80 / access the router’s IP in the browser so that the port is opened. So we will Prevent Hacker Attacks with Mikrotik Firewall.

Here are the steps on how to protect Mikrotik from Hacker Attacks with Port Knocking:

1. Login to Mikrotik via Winbox. Go to IP Menu –> Firewall –> on the Filter tab –> Add (+) rule.

2. On the General tab:

  • Chain : input
  • Protocol : icmp
How to Protect Mikrotik from Hacker Attacks with Port Knocking

3. On the Actions tab:

  • Action : add src to address list
  • Address List : ICMP
  • Timeout : 00:01:00 (1 minute)
  • Apply –> OK
dsfdsfdsf

4. The above rule functions so that everyone who sends an ICMP packet for a request to open a port is only valid for 1 minute, and later the IP will enter the Address List in the Mikrotik Firewall.

5. We also add a rule so that the router asks you to send a request using port 80 or access the router’s ip on the web.

6. Add a second rule. On the General tab:

  • Chain : input
  • Protocol: tcp
  • Etc. Ports: 80
fghh

7. On the Advanced tab:

  • Src. Address List : ICMP
gfdgt456

8. On the Actions tab:

  • Action : add src to address list
  • Address List : ICMP + HTTP
  • Timeout : 00:01:00
454545

9. Now we add a third rule so that Mikrotik can recognize the IP admin who sends ICMP requests and sends Web requests that function to open SSH, Telnet and Winbox ports.

10. On the General tab:

  • Chain : input
  • Protocol: tcp
  • Etc. Ports : 80,22,8291
53545

11. On the Advanced tab:

  • Src. Address List : ! ICMP + HTTP (Don’t forget to click the box until the “!”)
dsdsdsds223

12. On the Actions tab

  • Action : drop
3433563456

13. After all the rules are created, the arrangement of the rules is like this:

5466ry6fgg

14. Now we try to test this Port Knocking rule. Close Winbox –> Open PuTTY (SSH) –> Login to Mikrotik via PuTTY. Also try logging in again via Winbox. The result we can not login.

4535356dfgdf

15. So that we can login, open CMD –> to the Mikrotik IP address –> Open the web browser –> access Mikrotik IP via a web browser.

53445tdg

16. Now we try to login via Winbox or PuTTY (SSH). The result we can login. Try checking the address list (IP –> Firewall –> the Address List tab). Our IP will be recorded in the address list for 1 minute.

dfdfdfdfdfdf

17. ATTENTION THIS IS IMPORTANT!!! Because our IP address is only recorded for 1 minute in the address list, so that we can still log in to Mikrotik, the last rule must be disabled first. If not, then after 1 minute winbox will disconnect.

3564fgdfg

18. After we finish configuring Mikrotik, before logging off Winbox, don’t forget to enable (enable) the third rule so that Port Knocking protection can run again.

Thus the Tutorial on How to Protect Mikrotik from Hacker Attacks with Port Knocking. Please try and apply on each Mikrotik to prevent Mikrotik Hacking.

Related

Author

  • kizaru

    Hi! I’m Kizaru. I grew up addicted to different Gadget & Computer Accessories. I began working as an IT Support Supervisor in Hospitality company years ago and realized my passion for Computer & Gadget Accessories. Digiva.net is a place for me to share my different findings and experiences about Computer & Gadget Accessories. For more information, Check Out My About Me Page!