🔒 Tutorial: Brute-force protection on MikroTik (RouterOS v7)
📌 1. Create attack lists (stages)
The idea is simple:
- Tried to connect → goes into stage1
- Persisted → stage2
- Persisted further → stage3
- Went past that → BLACKLIST (blocked)
[admin@MikroTik] > /ip firewall filter
/ip/firewall/filter> add chain=input protocol=tcp dst-port=22 src-address-list=ssh_blacklist action=drop comment="Bloqueia ataques de login via SSH" disabled=no
/ip/firewall/filter> add chain=input protocol=tcp dst-port=22 connection-state=new \
... src-address-list=ssh_stage3 action=add-src-to-address-list address-list=ssh_blacklist \
... address-list-timeout=10d comment="" disabled=no
/ip/firewall/filter> add chain=input protocol=tcp dst-port=22 connection-state=new \
... src-address-list=ssh_stage2 action=add-src-to-address-list address-list=ssh_stage3 \
... address-list-timeout=1m comment="" disabled=no
/ip/firewall/filter> add chain=input protocol=tcp dst-port=22 connection-state=new \
... src-address-list=ssh_stage1 \
... action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m comment="" disabled=no
/ip/firewall/filter> add chain=input protocol=tcp dst-port=22 connection-state=new \
... action=add-src-to-address-list \
... address-list=ssh_stage1 address-list-timeout=1m comment="" disabled=no
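
An added example (not part of the original tutorial): a small Python model of the five rules above, showing how a source climbs the stages and why the rules are listed from ssh_stage3 down to ssh_stage1. The function names and timestamps are constructed, and the model assumes that re-adding an already listed address resets its timeout.

```python
# Added example: minimal model of the five filter rules above (not RouterOS code).
DAY = 86400
# (list the source must already be in, list it is added to, timeout in seconds)
# in the same top-to-bottom order as the rules on this page, after the drop rule.
PAGE_ORDER = [
    ("ssh_stage3", "ssh_blacklist", 10 * DAY),
    ("ssh_stage2", "ssh_stage3", 60),
    ("ssh_stage1", "ssh_stage2", 60),
    (None, "ssh_stage1", 60),
]


def simulate(times, rules=PAGE_ORDER):
    """Return one verdict per new TCP/22 connection from a single source.

    times: connection timestamps in seconds, ascending.
    Assumption: re-adding an address that is already listed resets its timeout.
    """
    expiry = {}  # list name -> time at which this source's entry expires
    verdicts = []
    for now in times:
        def listed(name):
            return expiry.get(name, 0) > now
        if listed("ssh_blacklist"):
            verdicts.append("drop")  # first rule: action=drop
            continue
        # add-src-to-address-list does not stop processing, so every
        # remaining rule is still evaluated for the same packet, in order.
        for required, target, timeout in rules:
            if required is None or listed(required):
                expiry[target] = now + timeout
        verdicts.append("pass")  # left to whatever rules follow in the chain
    return verdicts


def demo():
    burst = simulate([0, 10, 20, 30, 40])          # constructed timestamps
    occasional = simulate([0, 90, 180, 270, 360])  # constructed timestamps
    bottom_up = simulate([0, 10], rules=PAGE_ORDER[::-1])
    return burst, occasional, bottom_up


if __name__ == "__main__":
    for row in demo():
        print(row)
```

With the order used on this page, the source is blacklisted on its fourth new connection inside the one-minute windows and dropped from the fifth onward. With the stage rules entered bottom-up, a single connection cascades through every list and the very next one is dropped.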
