5 Basic Points for Mikrotik Security
Securing the router is a very important thing to do to secure your network from nosy hackers. Of course, you don't want a nosy hacker to break into your router and tease your network or even delete all the existing configurations, of course that's very annoying. Especially if your router is already using a public IP, of course, router security must be prioritized, therefore here I will give a few tips on the Basics of Securing a Mikrotik Router.
5 Basic Points for Mikrotik Security
1. Change the default username and password
This is an open secret if username: admin password: (blank) is the default default from making proxy, therefore you have to change your username and password which are difficult to guess but easy to remember. The password combination between letters, numbers and special characters is highly recommended because it can make it difficult for hackers to guess with brute force techniques. You can change it in System> Users
2. Change or turn off the service port
By default, each proxy opens services such as ssh, telnet, ftp and others. Of course the opening of this service can be a gap for hackers to enter our router, so it is recommended to change the service port and it is better if the filter is also the IP that can access the service in the allowed section (if you have your own public static IP) or if not needed, you can just turn it off or disable it, to replace it you can access it at IP> Service
3. Creating Filter Rules
You can protect your router by creating Filter Rules to allow only certain IPs to access your router and you can also drop any suspicious ip that tries to break into your router. However, it should also be noted that if your router has other services running such as NTP, GRE tunnel or several routing protocols such as BGP, ospf, you need to add rules to be allowed in your filter rules. To make filter rules can be seen at IP> Firewall> Filter
4. Turning off the Neighborhood Features
Have you ever created Winbox on a network that has more than 1 router on the neighbor tab, you can see a lot of proxy mac addresses and ip routers? well that is a function of the neighboring feature on the proxy router, this can be dangerous if someone is nosy on our network he can see the ip address of our routers, therefore it is better if the feature is turned off, can be seen in IP> Neighborhood
5. Backup Periodically
Don't forget to back up regularly, especially if there are changes or additions to the configuration of your proxy router, the function of this backup is to anticipate if the router has a problem or if the configuration is accidentally reset, it can be seen in Files> Backup.
Don't forget to always monitor your proxy router logs to find out if someone is trying to break into your router or has even entered your router