Some applications or sites can scan your MikroTik operating system and gain detailed reports about the ports in use (or free). In order to avoid these reports we should know those IP's and block them. Follow the steps below to add specific regulations to drop these connections.
- At first we should know what type of connections are used for scanning. For this we add a rule to detect the IPs. Open IP> firewall and select “filter rules” tab and click on “+”. In the opened window select chain as “input” and protocol type set on “6(tcp)”. Switch to action tab and select action method to “add src to address list”. Then enter a name for the address list field or select from the available.
- In the step above we learned to add port scanners IP's to the list. In this step, we should drop all these IPs. To do this action, click on IP>firewall and in the filter rules tab, click on “+” icon. Select chain as input and go to advanced tab. select your IP list name in the “Src. Address List” and at the end click on the action tab and select action as drop.