Quantcast
Channel: MikroTik
Viewing all articles
Browse latest Browse all 23558

Beginner Basics • Re: Attempting to isolate Winbox access [SOLVED]

$
0
0
Lately I see dozens and dozens of customers with a hacked DVR / NVR because they insist on leaving a port open to reach it from outside,
instead of using the cloud or a VPN first...
(All used as an attack vector for RDP protocols)

It will be yet another NVR in the hands of hackers.



add action=accept chain=forward comment="NVR NTP" dst-address=0.0.0.0 dst-port=123 protocol=udp src-address-list=NVR-set
>>> dst-address must not exist or not work as expected (permit everywhere the NTP)

add action=drop chain=forward comment="defconf: drop all else" connection-nat-state="" connection-state="" in-interface-list=all
>>> connection-nat-state and connection-state must not be present or not work as expected

Statistics: Posted by rextended — Fri Feb 28, 2025 12:50 pm



Viewing all articles
Browse latest Browse all 23558

Trending Articles