I've never seen a rule like this on Mikrotik, but what Butch preaches is a proactive approach. I do this on my core router.
Filter rules: accept input 22/tcp from src.addr list block all of the input 22/tcp traffic Repeat for 21, 8291, 80 etc Add "good" or well known IPs to the src.addr list This way you have to come from a known IP. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 "When you have eliminated the impossible, that which remains, however improbable, must be the truth." --- Sir Arthur Conan Doyle On Tue, Oct 27, 2009 at 12:03 PM, Scott Vander Dussen <sc...@velociter.net>wrote: > Lamer question- > I have a MT box we use for a public hotspot and logs reveal folks are > trying to hack the password (from WAN, not actual customers) - IPs trace > back to China and stuff.. anyhow - is there an easy way to implement a > temporary (12 hour) or so ban on an IP after x attempts? Thanks. > > `S > > > > > -------------------------------------------------------------------------------- > WISPA Wants You! Join today! > http://signup.wispa.org/ > > -------------------------------------------------------------------------------- > > WISPA Wireless List: wireless@wispa.org > > Subscribe/Unsubscribe: > http://lists.wispa.org/mailman/listinfo/wireless > > Archives: http://lists.wispa.org/pipermail/wireless/ > -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/