Why? Prevent un-authorized people to access to the system. Intruder can steal information from you, or even deny you access to your resources. Intruder can use your resources to access to the other system. How? Keeping router up-to-date. Securing user & password. Securing physical access. Configuring packages. Hardening services. 01. Keeping router up-to-date firmware. Use current version Check Changelog before upgrade to newer version Download from trusted source Check file (MD5) when download from third party site https://mikrotik.com/download 02. Securing user & password. System> Users Change admin account name. Set complex password. Create separate account for each user. Set allowed address. Put read-only user in “read” group 03. Securing physical access. Interfaces> Interface List Disable Console (optional). Always logout console session. Disable Unused interface. Don’t configunused interface (optional). 04. Configurin
01. How to change default MikroTik ip services. IP> Services> IP Service List Default ip services SSH: 22 --> 62222 ftp: 21 --> 62121 telnet: 23 --> 62223 www: 80 --> 62880 winbox: 8291 --> 68291 02. Firewall Rules Allow. IP> Firewall> Filter Rules (+) General Chain: input Protocol: 6(tcp) Dst. Port: 8291 Action Action: accept Click Apply and OK button. 03. Test Verification. cmd telnet 192.168.1.1 62223 Login: admin Password: *****