How to Block port scanner in Mikrotik

  Block port scanner in MIkrotik   To protect the Router from port scanners, we can record the IPs of hackers who try to scan your box. Using this address list we can drop connection from those IP. /ip firewall filter   add   chain=input action=add-src-to-address-list protocol=tcp psd=21,3s,3,1       address-list=port_block address-list-timeout=2w TCP flags can also indicate port scanner activity. add chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w comment=”NMAP FIN Stealth scan” add chain=input protocol=tcp tcp-flags=fin,syn action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w comment=”SYN/FIN scan” add chain=input protocol=tcp tcp-flags=syn,rst action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w…

Read More