Butch Evans has a nice inexpensive script for Mikrotik that takes care of this nicely.
Why even let it through the input chain is my thought. From: Af [mailto:af-boun...@afmug.com] On Behalf Of Ty Featherling via Af Sent: Wednesday, December 10, 2014 7:30 AM To: af@afmug.com Subject: Re: [AFMUG] Mikrotik brute force Note to self, double check all API services are OFF. -Ty On Tue, Dec 9, 2014 at 4:03 PM, Mike Hammett via Af <af@afmug.com<mailto:af@afmug.com>> wrote: I have seen an increase in API attacks lately. ----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com ________________________________ From: "George Skorup (Cyber Broadcasting) via Af" <af@afmug.com<mailto:af@afmug.com>> To: af@afmug.com<mailto:af@afmug.com> Sent: Tuesday, December 9, 2014 3:51:18 PM Subject: [AFMUG] Mikrotik brute force Nice. WTF. http://mkbrutusproject.github.io/MKBRUTUS/