I have watched your Firewall Series and have enjoyed it immensly. After viewing this several times I believe I have the knowledge to configure my CCR in a secure manner. Thank you very much.
🔒 How’s your Port Knocking strategy, eh? Share your thoughts on this security technique! 💬💡On my next video, we will use the RAW table to improve even more the current setup
Place port scanning block rule in RAW/prerouting chain - it will save CPU resources. Place PSD rule in Input chain under "Allow Established, related rule". Consider to exclude from PSD process ports that are port knock process targets - PSD may prevent PK to work. Greate video. I appreciate Your work. Best regards ;)
Fantastic! Thanks for sharing, simple, small and very clear! I just have successfully get implemented port-knocking, but no PSD until now. Greetings from Rosario, Argentina. I'm follow You!
Also firewall ( security) is an important topic to all expeciailly to those who uses mikrotik. This will draw alot of attention to your UA-cam page . Weldone once more and thanks
Knock knock Mr Wilmer 😅 . Port knocking has never been made this easy . I basically put your page on full alert to be recieving all you content . Thanks and thanks for a well explained presentation ❤❤❤❤
I like this guy maximum. First time i see on youtube about 2 years ago, at that time i have a simple wifi router from d-link. When i buy first mikrotik i dont have idea how configure my internet conection. I put back d-link for play Wilmer. Now i have CCR2004->CRS317->(CRS326 AND CRS 310 FOR 2.5GB)
Thanks for the support over the years! It’s amazing to see how far you’ve come with your MikroTik setup. From D-Link to CCR2004 and CRS switches - keep up the great work!
Dear Mr. Wilmer, many thanks for this 3. video. I learned a lot by this video series and am impressed by the options that can be configured. Keep it up, I look forward to more great videos👍
Wilmer impecable como siempre, gracias por compartir tus conocimientos. Tengo una pregunta referente al Firewall y sus reglas. Noto que tu FW básico no tiene al final una regla que bloquee en la cadena de forward como lo haces con el input. Pregunto, no hace falta?. Gracias
Hello there! Congatulations for a great video and tips for securing the MK router, specially in my case where I have a static public IP on it. One question: how can I set up on Winbox an exception rule to allow port scanning only from my LAN and or specific public Ip?
Thank you sir, you video are amazing... there is something I did recently on a mikrotik device n I lost access to the device, on the forward chain I drop everything else, and there are other fire rule I added but can't remember what I did.
I have watched your Firewall Series and have enjoyed it immensly. After viewing this several times I believe I have the knowledge to configure my CCR in a secure manner. Thank you very much.
Well-structured and thorough material. We await the sequel.
Thank you, I'm glad to hear that!
🔒 How’s your Port Knocking strategy, eh? Share your thoughts on this security technique! 💬💡On my next video, we will use the RAW table to improve even more the current setup
Place port scanning block rule in RAW/prerouting chain - it will save CPU resources. Place PSD rule in Input chain under "Allow Established, related rule". Consider to exclude from PSD process ports that are port knock process targets - PSD may prevent PK to work.
Greate video. I appreciate Your work. Best regards ;)
Thanks! I’ll talk about the Raw table in one of the upcoming videos on this series. I’ve just touched the surface until now (Ep 3 out of 25)
Useful information. You are a good teacher and amazing engineer. I am glad that i found your channel on youtube.
Thank you very much!
Fantastic! Thanks for sharing, simple, small and very clear! I just have successfully get implemented port-knocking, but no PSD until now. Greetings from Rosario, Argentina. I'm follow You!
Fantastic!
Also firewall ( security) is an important topic to all expeciailly to those who uses mikrotik. This will draw alot of attention to your UA-cam page . Weldone once more and thanks
Security must always be implemented in out networks. Thank you 👍🏻
Excelente tu trabajo en general. Saludos desde Argentina
Gracias! Saludos
Knock knock Mr Wilmer 😅 . Port knocking has never been made this easy . I basically put your page on full alert to be recieving all you content . Thanks and thanks for a well explained presentation ❤❤❤❤
Thanks 😃
thats a very impressive firewall rule to implement, u are best. make more video about mikrotik mangle
I like this guy maximum. First time i see on youtube about 2 years ago, at that time i have a simple wifi router from d-link. When i buy first mikrotik i dont have idea how configure my internet conection. I put back d-link for play Wilmer. Now i have CCR2004->CRS317->(CRS326 AND CRS 310 FOR 2.5GB)
Thanks for the support over the years! It’s amazing to see how far you’ve come with your MikroTik setup. From D-Link to CCR2004 and CRS switches - keep up the great work!
Very clear. keep up the good work. Thanks
Thanks, will do!
Dear Mr. Wilmer, many thanks for this 3. video. I learned a lot by this video series and am impressed by the options that can be configured. Keep it up, I look forward to more great videos👍
Thank you!
Excellent videos, good series here, lot of people doesn't think about router security or they are thinking it won't happen to them.
100% agree! Thank you
as always so thansful Mr.Wilmer...!!!
sincerely.
You are very welcome
thank you
Thank you too!
I just subscribed to your channel the other day am new in mikrotik i know this channel will be so helpful to me thanks man 👊👊
Thanks!
Hope you are going to continue this series. Thank you
Hey Liked the video on firewall. Nicely explained. Can you give something on Mangle Tables ?
Hello!
The firewall series will continue soon. I will cover every tab under /ip firewall, including Mangle.
Coming soon, stay tuned!
Wilmer impecable como siempre, gracias por compartir tus conocimientos. Tengo una pregunta referente al Firewall y sus reglas. Noto que tu FW básico no tiene al final una regla que bloquee en la cadena de forward como lo haces con el input. Pregunto, no hace falta?. Gracias
Hola,
Esta es una serie de vídeos sobre el firewall en Mikrotik.
Por el momento solo he hablado de input.
@@TheNetworkTrip Aahh ok, estaré atento a tus próximos videos. Gracias por responder.
Great video, thank you. Could you please add a video on DDOS protection
Thanks!
I’ll go over different types attacks in this series. More videos coming soon
Hello there! Congatulations for a great video and tips for securing the MK router, specially in my case where I have a static public IP on it. One question: how can I set up on Winbox an exception rule to allow port scanning only from my LAN and or specific public Ip?
Thanks for this excellent and usefull video
Thank you sir, you video are amazing... there is something I did recently on a mikrotik device n I lost access to the device, on the forward chain I drop everything else, and there are other fire rule I added but can't remember what I did.
Are there any Windows-based apps to automate the port knocking sequence?
Hello!
There are some options like the following Python resource: github.com/grongor/knock or www.epinox.de/en/windows/port-knocking-tool.html
Good job.
Thank you!
Can you make port redirection using port knocking?
Hello!
If the redirection is using different port numbers, yes
I love your video...
Thank you!😊
Thank you ♥
Спасибо!
Thank you very much!
Mr. Wilmer, where are the next firewall series? There hasn't been a video on the channel for a long time... Regards.
mo effective to drop port-scanners traffic in RAW tab (prerouting) even before firewall rules. CPU will say thanks :)
That’s correct! 100% agree.
The Raw Table is coming next in the series.
Do something with volume levels at the end of the video.
Thanks for letting me know. I’ll fix it
😀😀😀 I LIKE THIS , THI IS NICE😋😋
how block netshare app please guide me