security added

Mikrotik_FAQ.md

@@ -93,4 +93,109 @@ Drag and drop lower version then got to <code>System</code>--> <code>Package Lis
 
     ip dhcp-client> print detail
 
-</p>
+</p>
+
+## how to block windows update ?
+
+    /ip firewall filter
+    add action=drop chain=forward comment="Windows Update" content=windowsupdate.microsoft.com
+    add action=drop chain=forward comment="Windows Update" content=*.windowsupdate.microsoft.com
+    add action=drop chain=forward comment="Windows Update" content=*.update.microsoft.com
+    add action=drop chain=forward comment="Windows Update" content=*.windowsupdate.com
+    add action=drop chain=forward comment="Windows Update" content=download.windowsupdate.com
+    add action=drop chain=forward comment="Windows Update" content=download.microsoft.com
+    add action=drop chain=forward comment="Windows Update" content=*.download.windowsupdate.com
+    add action=drop chain=forward comment="Windows Update" content=wustat.windows.com
+    add action=drop chain=forward comment="Windows Update" content=ntservicepack.microsoft.com
+    add action=drop chain=forward comment="Windows Update" content=stats.microsoft.com
+
+
+<p>Note:if a user establish a vpn connection this rule is useless!!!</p>
+<p>Note:you can also add more subdomains</p>
+
+
+## How to update mikrotik?
+
+check for updates just with one script and install it
+
+after 6.31 version:
+
+    /system package update
+    Check-for-updates once
+    : delay 1s;
+    : If ([get status] = "New version is available") do= {install}
+
+
+before 6.31 version:
+
+    System package update
+    Check-for-updates
+    : delay 1s;
+    : if ( [get current-version] != [get latest-version]) do={ upgrade }
+
+## How to backup RouterOS Configuration Files?
+
+
+save Configuration
+
+    /system backup save filename=[backup_filename.backup]
+
+Load Configuration
+
+    /system backup load filename=[backup_filename.backup]
+
+
+
+## How to Backup Mikrotik Settings?
+
+<ul>
+<li>Web Interface: Login > Files > Backup (optional: name & password).</li> 
+<li>Winbox: Connect > Files > New > Backup (optional: name & password).</li> 
+<li>Terminal: Upload backup file (if needed).</li> 
+<li>Terminal: cd /files (navigate to backup location).</li> 
+<li>Terminal: /system backup load filename=[backup_filename.backup].</li> 
+<li>(Terminal & Winbox): Confirm & enter password (if needed).</li> 
+<li>(Terminal & Winbox): Monitor restoration progress.</li> 
+<li>(Terminal & Winbox): Download backup for safekeeping.</li> 
+<li>(Terminal & Winbox): Reboot (unless using dont-reboot option in terminal).</li> 
+<li>Store backup securely (separate from router).</li> 
+</ul>
+
+
+
+
+
+## How to Restore the Backup Mikrotik Terminal?
+
+<ul>
+<li>Access the MikroTik terminal.</li> 
+<li>Upload backup file (if needed).</li> 
+<li>Use /system backup load filename=[backup_filename.backup].</li> 
+<li>Confirm and enter the password (if needed).</li> 
+<li>Monitor the restoration process.</li> 
+<li>Reboot (unless using dont-reboot option).</li> 
+</ul>
+
+
+
+## How to see RouterOs Configuartion in plain text?
+
+backup the config file without encryption.
+
+    /system backup save name=MikroTikBackup dont-encrypt=yes Saving system configuration
+
+view config file in terminal
+
+    /export file= desired backup name.cfg
+
+
+
+
+## How to Reset Mikrotik Configuration Command?
+
+There are two main ways to reset the MikroTik configuration, using the command line:
+<ul>
+<li>Software Reset (Preferred): <code>/system reset-configuration </code></li> 
+<li>Hardware Reset Button: Less precise, consult your device’s manual for specific instructions<li> 
+</ul>
+

OneLiners.md

@@ -0,0 +1,111 @@
+# Mikrotik One Liners 
+
+
+## Mikrotik One-Liners
+
+### return average ping time of a domain name:
+
+    :put ([/tool flood-ping [:resolve "www.mikrotik.com"] count=3 as-value]->"avg-rtt")
+
+### return average ping time of a ip:
+
+    :put ([/tool flood-ping 1.1.1.1 count=3 as-value]->"avg-rtt")
+
+
+
+### set best dns servers based of average ping time:
+
+    :global ping2 ([/tool flood-ping 8.8.8.8 count=3 as-value]->"avg-rtt");:global ping1 ([/tool flood-ping 1.1.1.1 count=3 as-value]->"avg-rtt");:if ($ping1>$ping2) do={[/ip dns set servers=1.1.1.1]} else={[/ip dns set servers=8.8.8.8]};
+
+
+### adding the script to the scripts section on mikrotik:
+
+    /system script add name=best_DNS source=[:global ping2 ([/tool flood-ping 8.8.8.8 count=3 as-value]->"avg-rtt");:global ping1 ([/tool flood-ping 1.1.1.1 count=3 as-value]->"avg-rtt");:if ($ping1>$ping2) do={[/ip dns set servers=1.1.1.1]} else={[/ip dns set servers=8.8.8.8]};];
+
+### run that script with scheduler:
+
+    system scheduler add name=sch-dns interval=60s on-event=s1
+
+
+### run that script with cli:
+
+    system scripts run s1
+
+
+### Delete logs by terminal:
+
+one line
+
+    /system logging action set memory memory-lines=1
+
+or one hundred lines
+
+    /system logging action set memory memory-lines=100
+
+
+
+
+
+### redirect a.b.c.d (ip) to 192.168.1.101:5900
+
+    /ip firewall nat add chain=dstnat dst-address=a.b.c.d protocol=tcp dst-port=5900
+    action=dst-nat to-addresses=192.168.1.101 to-ports=5900
+
+
+
+### redirect a request to another port (port 52 redirects to 22)
+
+    ip firewall nat add chain=dstnat protocol=tcp dst-port=52 action=redirect to port=22
+
+
+
+
+### Drop google.com with just a line
+
+    /ip firewall filter
+    add action=drop chain=forward content=google.com
+
+### fetch Iranian IP Address
+you can change it to any country you want 
+
+    /tool fetch url=http://www.iwik.org/ipcountry/mikrotik/IR
+    /import file-name=IR
+
+
+
+
+### redirect DNS request to a IP
+
+    /ip dns static add regexp=".*\\.com\$" forward-to=192.168.1.186
+
+
+
+### check for updates just with one script
+
+after 6.31 version:
+
+    /system package update
+    Check-for-updates once
+    : delay 1s;
+    : If ([get status] = "New version is available") do= {install}
+
+
+before 6.31 version:
+
+    System package update
+    Check-for-updates
+    : delay 1s;
+    : if ( [get current-version] != [get latest-version]) do={ upgrade }
+
+
+### save backup and restore backup
+
+
+save Configuration
+
+    /system backup save filename=[backup_filename.backup]
+
+Load Configuration
+
+    /system backup load filename=[backup_filename.backup]
+

README.md

@@ -1,5 +1,5 @@
 # Mikrotik_Hero
-a great mega collection of Mikrotiks One liners,Cli Commands,Cool Tricks , Cheatsheets and also including fun and usefull scripts.
+a great mega collection of Mikrotiks One liners,Cli Commands,cli , Cheatsheets usefull scripts and hardening and security tips.
 
 
 <p align="center">
@@ -15,9 +15,9 @@ a great mega collection of Mikrotiks One liners,Cli Commands,Cool Tricks , Cheat
 |---|---|---|
 |Cli-Commands.md|Giant list of cli Tricks and How tos| <a href="Cli-commands.md">Link</a>|
 |Mikrotik_FAQ.md|a collection of FAQ(Frequently Asked Questions)| <a href="Mikrotik_FAQ.md">Link</a>|
-|Router-os scripting |learn scripting in mikrotik,some practical scripts|<a href="/Scripting/readme.md">Link</a>|
+|Router-os scripting |learn scripting and some practical scripts|<a href="/Scripting/readme.md">Link</a>|
 |Mikrotik Educational Materials|open-source and free educational material including slides,notes|<a href="/Mikrotik_Certifications/reame.md">Link</a>|
-|Mikrotik_Security.md|about Firewalls and Hardenings| <a href="/Security/Mikrotik_Security.md">Link</a>|
+|Mikrotik Security|about Firewalls and Hardenings| <a href="/Security">Link</a>|
 
 
 
@@ -36,6 +36,9 @@ Creative Commons Zero v1.0 Universal
 
 <img src="/img/88x31.png" alt="Creative Commons Zero v1.0 Universal">
 
+
+
+
 ## Contributing
 
 Contributions are welcome! If you have a cool trick or command that you would like to share, feel free to open a pull request.

SECURITY.md

@@ -1,5 +1,10 @@
 # Security Policy
 
+
+
+## CopyRight Violations
+If there are any copyright violations by me pleaese inform me!
+
 ## Reporting a Vulnerability
 
 If you discover a security vulnerability in our project, please report it to us by emailing [email protected]. Please do not disclose the vulnerability publicly until we have had a chance to address it.

Scripting/BruteForce_Prevention.rsc

@@ -0,0 +1,6 @@
+/ip firewall filter
+add action=add-src-to-address-list address-list=bruteforce_blacklist address-list-timeout=1d chain=input comment=Blacklist connection-state=new dst-port=22 protocol=tcp src-address-list=connection3
+add action=add-src-to-address-list address-list=connection3 address-list-timeout=1h chain=input comment="Third attempt" connection-state=new dst-port=22 protocol=tcp src-address-list=connection2,!secured
+add action=add-src-to-address-list address-list=connection2 address-list-timeout=15m chain=input comment="Second attempt" connection-state=new dst-port=22 protocol=tcp src-address-list=connection1
+add action=add-src-to-address-list address-list=connection1 address-list-timeout=5m chain=input comment="First attempt" connection-state=new dst-port=22 protocol=tcp
+add action=accept chain=input dst-port=22 protocol=tcp src-address-list=!bruteforce_blacklist