0% found this document useful (0 votes)

597 views11 pages

Hardening Mikrotik

The document provides instructions for hardening a Mikrotik router by disabling unnecessary services, securing administrative access, implementing firewall rules to block unauthorized traffic, and exporting the router configuration for backup purposes. Commands are given to disable interfaces, services, protocols, and features, set strong encryption for SSH access, create firewall rules to allow internal traffic and block external threats, update firewall address lists, secure the administrative user account, enable network time protocol, and export the router configuration file.

Uploaded by

Digit Oktavianto

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

597 views11 pages

Hardening Mikrotik

Uploaded by

Digit Oktavianto

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 11

Mikrotik Router Hardening Manito Networks

1 of 11

http://www.manitonetworks.com/mikrotik/2016/5/24/mikrotik-router-ha...

8/25/2016 10:20 PM

Mikrotik Router Hardening Manito Networks

2 of 11

http://www.manitonetworks.com/mikrotik/2016/5/24/mikrotik-router-ha...

/interface print

/interface set 3,4 disabled=yes

8/25/2016 10:20 PM

Mikrotik Router Hardening Manito Networks

3 of 11

http://www.manitonetworks.com/mikrotik/2016/5/24/mikrotik-router-ha...

8/25/2016 10:20 PM

Mikrotik Router Hardening Manito Networks

4 of 11

http://www.manitonetworks.com/mikrotik/2016/5/24/mikrotik-router-ha...

/ip service disable 0,1,2,4,5,7

/tool bandwidth-server set enabled=no
/ip dns set allow-remote-requests=no
/ip socks set enabled=no

/ip ssh set strong-crypto=yes

tool mac-server set [find] disabled=yes

8/25/2016 10:20 PM

Mikrotik Router Hardening Manito Networks

5 of 11

http://www.manitonetworks.com/mikrotik/2016/5/24/mikrotik-router-ha...

tool mac-server mac-winbox set [find] disabled=yes

tool mac-server ping set enabled=no

/ip service print

/tool mac-server print
/tool mac-server mac-winbox print
/tool mac-server ping print

/tool romon set enabled=no

8/25/2016 10:20 PM

Mikrotik Router Hardening Manito Networks

6 of 11

http://www.manitonetworks.com/mikrotik/2016/5/24/mikrotik-router-ha...

/ip firewall address-list

add address=192.168.0.0/16 list=Bogon

add address=10.0.0.0/8 list=Bogon

add address=172.16.0.0/12 list=Bogon

add address=127.0.0.0/8 list=Bogon
add address=0.0.0.0/8 list=Bogon

add address=169.254.0.0/16 list=Bogon

/ip firewall filter

add chain=input comment="Accept Established / Related

Input" connection-state=established,related

add chain=input comment="Allow Management Input"

src-address=10.1.157.0/24

add action=drop chain=input comment="Drop Input" log=yes

log-prefix="Input Drop"

add action=fasttrack-connection chain=forward comment="Fast

Track Established / Related Forward" connectionstate=established,related

add chain=forward comment="Accept Established / Related

Forward" connection-state=established,related

add chain=forward comment="Allow client LAN traffic out

WAN" out-interface=ether1-gateway src-address=192.168.0.0/24

add action=drop chain=forward comment="Drop Bogon Forward
-> Ether1" in-interface=ether1-gateway log=yes

log-prefix="Bogon Forward Drop" src-address-list=Bogon

add action=drop chain=forward comment="Drop All Forward"

8/25/2016 10:20 PM

Mikrotik Router Hardening Manito Networks

7 of 11

http://www.manitonetworks.com/mikrotik/2016/5/24/mikrotik-router-ha...

/user set 0 password=mygreatpassword

/user set 0 name=tikadmin

8/25/2016 10:20 PM

Mikrotik Router Hardening Manito Networks

8 of 11

http://www.manitonetworks.com/mikrotik/2016/5/24/mikrotik-router-ha...

/ip neighbor discovery settings set default=no default-

for-dynamic=no

/ipv6 nd set [find] disabled=yes

/ip neighbor discovery set [find] discover=no

/ip settings set rp-filter=strict

8/25/2016 10:20 PM

Mikrotik Router Hardening Manito Networks

9 of 11

http://www.manitonetworks.com/mikrotik/2016/5/24/mikrotik-router-ha...

/system note set show-at-login=yes

/system note set note="Authorized administrators only.

Access to this device is monitored."

/system ntp client set enabled=yes server-

dns-names=0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org,3.pool.ntp.org

8/25/2016 10:20 PM

Mikrotik Router Hardening Manito Networks

10 of 11

http://www.manitonetworks.com/mikrotik/2016/5/24/mikrotik-router-ha...

export compact file=backup_config_router01

8/25/2016 10:20 PM

Mikrotik Router Hardening Manito Networks

11 of 11

http://www.manitonetworks.com/mikrotik/2016/5/24/mikrotik-router-ha...

8/25/2016 10:20 PM

LO1 - Networking Principles and Their Protocols
No ratings yet
LO1 - Networking Principles and Their Protocols
69 pages
Mikrotik - Filter Firewall
No ratings yet
Mikrotik - Filter Firewall
2 pages
First Time Configuration - RouterOS - MikroTik Documentation
100% (1)
First Time Configuration - RouterOS - MikroTik Documentation
13 pages
BEst Practices For Security Operation Center
No ratings yet
BEst Practices For Security Operation Center
18 pages
BEst Practices For Security Operation Center
No ratings yet
BEst Practices For Security Operation Center
18 pages
BRKRST 2333
No ratings yet
BRKRST 2333
85 pages
Conceptualizing and Measuring The Perceived Interactivity of Websites
No ratings yet
Conceptualizing and Measuring The Perceived Interactivity of Websites
33 pages
Scribd Downloader Free Extension Opera Add Ons
No ratings yet
Scribd Downloader Free Extension Opera Add Ons
1 page
MUMID17 - MikroTik Hotspot Audit & Hardening PDF
No ratings yet
MUMID17 - MikroTik Hotspot Audit & Hardening PDF
60 pages
How To Protect Your MikroTik RouterOS
No ratings yet
How To Protect Your MikroTik RouterOS
13 pages
Mikrotik PBR Guide
No ratings yet
Mikrotik PBR Guide
10 pages
Ethernet Based ISP Mikrotik Step by Step Configuration Under 5 Minutes
50% (2)
Ethernet Based ISP Mikrotik Step by Step Configuration Under 5 Minutes
17 pages
Mikrotik RouterOS Web Proxy in Transparent Mode
100% (1)
Mikrotik RouterOS Web Proxy in Transparent Mode
11 pages
OSPF Routing in MikroTik PDF
No ratings yet
OSPF Routing in MikroTik PDF
48 pages
Mikrotik Ipv6
No ratings yet
Mikrotik Ipv6
6 pages
Mikrotik Static IP WAN - LAN PPPoE Server Config
No ratings yet
Mikrotik Static IP WAN - LAN PPPoE Server Config
4 pages
OSPF in MikroTik RouterOS V6: The Basics by Inquirinity
No ratings yet
OSPF in MikroTik RouterOS V6: The Basics by Inquirinity
4 pages
Mikrotik Aradial Configuration Guide
No ratings yet
Mikrotik Aradial Configuration Guide
30 pages
PCC LoadBalance3WANs
No ratings yet
PCC LoadBalance3WANs
4 pages
Basic Traffic Shaping Based On Layer-7 Protocols - MikroTik Wiki
No ratings yet
Basic Traffic Shaping Based On Layer-7 Protocols - MikroTik Wiki
14 pages
Mtcna 05 2012
No ratings yet
Mtcna 05 2012
398 pages
Ddos Detect Mikrotik
No ratings yet
Ddos Detect Mikrotik
30 pages
Mikrotik - Hotspot - Audit - Dan - Hardening - Sahoobi
No ratings yet
Mikrotik - Hotspot - Audit - Dan - Hardening - Sahoobi
60 pages
Using PCC To Load Balance Across Multiple Wan in Mikrotik
No ratings yet
Using PCC To Load Balance Across Multiple Wan in Mikrotik
4 pages
MikroTik Configuration With DHCP WAN Connection
No ratings yet
MikroTik Configuration With DHCP WAN Connection
3 pages
Presentation 4922 1510103908
No ratings yet
Presentation 4922 1510103908
24 pages
Full Bandwidth Management Parent Queue Tree
No ratings yet
Full Bandwidth Management Parent Queue Tree
13 pages
MTCNA-Presentation Ver 1.0-1
No ratings yet
MTCNA-Presentation Ver 1.0-1
199 pages
Easy Mikrotik HotSpot Setup
No ratings yet
Easy Mikrotik HotSpot Setup
5 pages
Manual:First Time Startup: Connecting To A Device
No ratings yet
Manual:First Time Startup: Connecting To A Device
5 pages
Script Blokir Virus Mikrotik
No ratings yet
Script Blokir Virus Mikrotik
1 page
MikroTik Routers and Wireless - Software
No ratings yet
MikroTik Routers and Wireless - Software
7 pages
Routing Introduction in BGP
No ratings yet
Routing Introduction in BGP
48 pages
MikroTik Routers and Wireless - Downloads
No ratings yet
MikroTik Routers and Wireless - Downloads
2 pages
HotSpot Gateway
No ratings yet
HotSpot Gateway
20 pages
Cân Bằng Tải + Fail Over NetWatch
No ratings yet
Cân Bằng Tải + Fail Over NetWatch
5 pages
MPLS
100% (1)
MPLS
29 pages
Manual - CRS Examples - MikroTik Wiki
No ratings yet
Manual - CRS Examples - MikroTik Wiki
20 pages
Mikrotik Hotspot Quick Setup Guide
No ratings yet
Mikrotik Hotspot Quick Setup Guide
6 pages
MikroTik Script Writing and Sending Guide
No ratings yet
MikroTik Script Writing and Sending Guide
2 pages
Full Bandwidth Management Parent Queue Tree: Internet Connection
No ratings yet
Full Bandwidth Management Parent Queue Tree: Internet Connection
12 pages
Example Fully Manual Setting Up Capsman Wi-Fi On Mikrotik Router (Seamless Roaming)
No ratings yet
Example Fully Manual Setting Up Capsman Wi-Fi On Mikrotik Router (Seamless Roaming)
29 pages
Da Lo Radius
No ratings yet
Da Lo Radius
8 pages
Advanced Routing Failover Without Scripting
No ratings yet
Advanced Routing Failover Without Scripting
4 pages
Mikrotik SXT - Bridging Network
No ratings yet
Mikrotik SXT - Bridging Network
8 pages
Diagaram Flow Packet Mikrotik
No ratings yet
Diagaram Flow Packet Mikrotik
6 pages
CSLtraining MikroTik Class 1
No ratings yet
CSLtraining MikroTik Class 1
85 pages
MikroTik As Firewall
No ratings yet
MikroTik As Firewall
18 pages
Configure Verify and Troubleshoot LACP
No ratings yet
Configure Verify and Troubleshoot LACP
4 pages
Bandwidth Management Config JulyNet
No ratings yet
Bandwidth Management Config JulyNet
26 pages
General Settings For User Authentication and Accounting
No ratings yet
General Settings For User Authentication and Accounting
20 pages
High Availability On MikroTik RouterOS PDF
No ratings yet
High Availability On MikroTik RouterOS PDF
29 pages
OpenVPN Server Setup On Mikrotik RouterOS - Lazy Geek - ) PDF
No ratings yet
OpenVPN Server Setup On Mikrotik RouterOS - Lazy Geek - ) PDF
10 pages
QoS+ PCQ
0% (1)
QoS+ PCQ
36 pages
RouterOS How To
No ratings yet
RouterOS How To
16 pages
Mikrotik Configuration For Transparent Web Proxy
No ratings yet
Mikrotik Configuration For Transparent Web Proxy
18 pages
Hardening Mikrotik
No ratings yet
Hardening Mikrotik
4 pages
Basic Configuration With Mikrotik Cli: Bdnog11
No ratings yet
Basic Configuration With Mikrotik Cli: Bdnog11
25 pages
Mikrotik CLI
No ratings yet
Mikrotik CLI
18 pages
Advanced Mikrotik Router-Os Protections
No ratings yet
Advanced Mikrotik Router-Os Protections
7 pages
MikroTik - Config
No ratings yet
MikroTik - Config
55 pages
Basic Guidelines On RouterOS Configuration and Debugging2
No ratings yet
Basic Guidelines On RouterOS Configuration and Debugging2
60 pages
MikroTik Load Balancing Over Multiple Gateways
100% (2)
MikroTik Load Balancing Over Multiple Gateways
6 pages
Mikrotik Configuration
No ratings yet
Mikrotik Configuration
13 pages
Manual Mikrotik
No ratings yet
Manual Mikrotik
88 pages
Balanceo PCC Failover
No ratings yet
Balanceo PCC Failover
4 pages
Meitsec Soc NF v11
No ratings yet
Meitsec Soc NF v11
28 pages
Anatomy of A SOC
No ratings yet
Anatomy of A SOC
37 pages
IP Pasolink Server 2
No ratings yet
IP Pasolink Server 2
204 pages
Designing Modern SOC - Chuvakin
100% (1)
Designing Modern SOC - Chuvakin
34 pages
Cryptography and Network Security: Fifth Edition by William Stallings
No ratings yet
Cryptography and Network Security: Fifth Edition by William Stallings
33 pages
Computers For Dummies Thingy
No ratings yet
Computers For Dummies Thingy
17 pages
IPTV Final
No ratings yet
IPTV Final
5 pages
Squid Proxy Configuration Guide
No ratings yet
Squid Proxy Configuration Guide
28 pages
RemoteAccess Service UserGuide
No ratings yet
RemoteAccess Service UserGuide
17 pages
Data Dissemination (MC Unit-6)
96% (45)
Data Dissemination (MC Unit-6)
17 pages
Lewis Learning Maturity Model Benchmark Evaluation: Demographics
No ratings yet
Lewis Learning Maturity Model Benchmark Evaluation: Demographics
6 pages
Manual PDF
No ratings yet
Manual PDF
85 pages
Digital Transformation As An Interaction-Driven Perspective Between Business, Society, and Technology
No ratings yet
Digital Transformation As An Interaction-Driven Perspective Between Business, Society, and Technology
16 pages
File 034
No ratings yet
File 034
25 pages
Takale Charitable Trust Presentation
100% (20)
Takale Charitable Trust Presentation
76 pages
IS IS Routing Protocol Part 1 Cheatsheet Network Walks
No ratings yet
IS IS Routing Protocol Part 1 Cheatsheet Network Walks
1 page
Ccnpv7 Route Lab6-1 Nat Student
No ratings yet
Ccnpv7 Route Lab6-1 Nat Student
9 pages
Writtinng An Argumentative Essay
100% (1)
Writtinng An Argumentative Essay
2 pages
Top 50 Cyber Security Interview Questions and Answers in 2022
No ratings yet
Top 50 Cyber Security Interview Questions and Answers in 2022
14 pages
Use of Black Hole Route in Site To Site IPsec VPN Scenarios
No ratings yet
Use of Black Hole Route in Site To Site IPsec VPN Scenarios
2 pages
ISA49092 - Reporte Semanal - PC LINK S.A.C.-2023-10-02-0145 - 6513
No ratings yet
ISA49092 - Reporte Semanal - PC LINK S.A.C.-2023-10-02-0145 - 6513
14 pages
Screenshot 2024-06-27 at 2.57.46 PM
No ratings yet
Screenshot 2024-06-27 at 2.57.46 PM
9 pages
Amazon CloudFront
No ratings yet
Amazon CloudFront
9 pages
M.A. English 2019 20 PDF
No ratings yet
M.A. English 2019 20 PDF
52 pages
University of Gujrat: Final Term Exam (Online)
0% (1)
University of Gujrat: Final Term Exam (Online)
5 pages
CBSE English Class X Sample Paper - 2
No ratings yet
CBSE English Class X Sample Paper - 2
14 pages
Intermediary Liability
No ratings yet
Intermediary Liability
13 pages
VNR i3LEARNHUB ENG
No ratings yet
VNR i3LEARNHUB ENG
12 pages
9713 Applied ICT Example Candidate Responses Booklet WEB
No ratings yet
9713 Applied ICT Example Candidate Responses Booklet WEB
104 pages
Introduction To GIFI Technology
No ratings yet
Introduction To GIFI Technology
16 pages

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

Hardening Mikrotik

Uploaded by

Hardening Mikrotik

Uploaded by

Mikrotik Router Hardening Manito Networks

Mikrotik Router Hardening Manito Networks

/interface set 3,4 disabled=yes

Mikrotik Router Hardening Manito Networks

Mikrotik Router Hardening Manito Networks

/ip service disable 0,1,2,4,5,7

/ip ssh set strong-crypto=yes

tool mac-server set [find] disabled=yes

Mikrotik Router Hardening Manito Networks

tool mac-server mac-winbox set [find] disabled=yes

/ip service print

/tool romon set enabled=no

Mikrotik Router Hardening Manito Networks

/ip firewall address-list

add address=192.168.0.0/16 list=Bogon

add address=172.16.0.0/12 list=Bogon

add address=169.254.0.0/16 list=Bogon

/ip firewall filter

add chain=input comment="Accept Established / Related

add chain=input comment="Allow Management Input"

add action=drop chain=input comment="Drop Input" log=yes

add action=fasttrack-connection chain=forward comment="Fast

add chain=forward comment="Accept Established / Related

add chain=forward comment="Allow client LAN traffic out

WAN" out-interface=ether1-gateway src-address=192.168.0.0/24

log-prefix="Bogon Forward Drop" src-address-list=Bogon

add action=drop chain=forward comment="Drop All Forward"

Mikrotik Router Hardening Manito Networks

/user set 0 password=mygreatpassword

Mikrotik Router Hardening Manito Networks

/ip neighbor discovery settings set default=no default-

/ipv6 nd set [find] disabled=yes

/ip neighbor discovery set [find] discover=no

/ip settings set rp-filter=strict

Mikrotik Router Hardening Manito Networks

/system note set show-at-login=yes

/system note set note="Authorized administrators only.

/system ntp client set enabled=yes server-

Mikrotik Router Hardening Manito Networks

export compact file=backup_config_router01

Mikrotik Router Hardening Manito Networks

You might also like

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.