
MIKROTIK FIREWALL TO DROP VIRUSES AND BLOCK NETCUT

Sometimes we need to be on guard against netcut attacks and viruses on our local network, because netcut and viruses can cause you a lot of trouble. If you already use MikroTik, the following are firewall settings on MikroTik to ward off netcut and drop some viruses. Open Winbox or use PuTTY. In Winbox, click "New Terminal" and copy-paste the script below:

    /ip firewall filter
    # Allow Winbox (TCP 8291) to the router
    add action=accept chain=input disabled=no dst-port=8291 protocol=tcp
    # Drop invalid connections passing through the router
    add action=drop chain=forward connection-state=invalid disabled=no
    # "virus" chain: drop the listed destination ports
    add action=drop chain=virus disabled=no dst-port=135-139 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=1433-1434 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=445 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=445 protocol=udp
    add action=drop chain=virus disabled=no dst-port=593 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=1024-1030 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=1080 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=1214 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=1363 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=1364 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=1368 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=1373 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=1377 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=2745 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=2283 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=2535 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=2745 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=3127 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=3410 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=4444 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=4444 protocol=udp
    add action=drop chain=virus disabled=no dst-port=5554 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=8866 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=9898 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=10080 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=12345 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=17300 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=27374 protocol=tcp
    add action=drop chain=virus disabled=no dst-port=65506 protocol=tcp
    # Send forwarded traffic through the "virus" chain
    add action=jump chain=forward disabled=no jump-target=virus
    # Traffic to the router itself: drop invalid, accept UDP, rate-limit ICMP
    add action=drop chain=input connection-state=invalid disabled=no
    add action=accept chain=input disabled=no protocol=udp
    add action=accept chain=input disabled=no limit=50/5s,2 protocol=icmp
    add action=drop chain=input disabled=no protocol=icmp
    # Services accepted on the router
    add action=accept chain=input disabled=no dst-port=21 protocol=tcp
    add action=accept chain=input disabled=no dst-port=22 protocol=tcp
    add action=accept chain=input disabled=no dst-port=23 protocol=tcp
    add action=accept chain=input disabled=no dst-port=80 protocol=tcp
    add action=accept chain=input disabled=no dst-port=8291 protocol=tcp
    add action=accept chain=input disabled=no dst-port=1723 protocol=tcp
    add action=accept chain=input disabled=no dst-port=23 protocol=tcp
    add action=accept chain=input disabled=no dst-port=80 protocol=tcp
    add action=accept chain=input disabled=no dst-port=1723 protocol=tcp
    # Record sources that connect to TCP 1337 / 7331 in the DDOS address list
    add action=add-src-to-address-list address-list=DDOS address-list-timeout=15s chain=input disabled=no dst-port=1337 protocol=tcp
    add action=add-src-to-address-list address-list=DDOS address-list-timeout=15m chain=input disabled=no dst-port=7331 protocol=tcp src-address-list=knock
    # Record suspected port scanners in the "port-scanners" address list for 2 weeks
    add action=add-src-to-address-list address-list="port-scanners" address-list-timeout=2w chain=input comment="port-scanner" disabled=no protocol=tcp psd=21,3s,3,1
    add action=add-src-to-address-list address-list="port-scanners" address-list-timeout=2w chain=input comment="SYN/FIN" disabled=no protocol=tcp tcp-flags=fin,syn
    add action=add-src-to-address-list address-list="port-scanners" address-list-timeout=2w chain=input comment="SYN/RST" disabled=no protocol=tcp tcp-flags=syn,rst
    add action=add-src-to-address-list address-list="port-scanners" address-list-timeout=2w chain=input comment="FIN/PSH/URG" disabled=no protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
    add action=add-src-to-address-list address-list="port-scanners" address-list-timeout=2w chain=input comment="ALL/ALL scan" disabled=no protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg
    add action=add-src-to-address-list address-list="port-scanners" address-list-timeout=2w chain=input comment="NMAP" disabled=no protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
    # Rules labelled ANTI-NETCUT: accept TCP to the router from these source ranges
    add action=accept chain=input comment="ANTI-NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=61.213.183.1-61.213.183.254
    add action=accept chain=input comment="ANTI-NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=67.195.134.1-67.195.134.254
    add action=accept chain=input comment="ANTI-NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=68.142.233.1-68.142.233.254
    add action=accept chain=input comment="ANTI-NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=68.180.217.1-68.180.217.254
    add action=accept chain=input comment="ANTI-NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=203.84.204.1-203.84.204.254
    add action=accept chain=input comment="ANTI-NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=69.63.176.1-69.63.176.254
    add action=accept chain=input comment="ANTI-NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=69.63.181.1-69.63.181.254
    add action=accept chain=input comment="ANTI-NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=63.245.209.1-63.245.209.254
    add action=accept chain=input comment="ANTI-NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=63.245.213.1-63.245.213.254

Then reboot the MikroTik:

    /system reboot
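
Added example (not part of the original script): a Python check that parses `add` lines like the ones above and reports address lists that rules fill but no rule ever matches, lists that are matched but never filled, and duplicate rules. The sample is a constructed subset of the script's own rules, and the function names are hypothetical.

```python
import shlex
from collections import Counter

# Constructed sample: a subset of the rules from the script above.
SAMPLE = """
add action=drop chain=virus disabled=no dst-port=2745 protocol=tcp
add action=drop chain=virus disabled=no dst-port=2283 protocol=tcp
add action=drop chain=virus disabled=no dst-port=2745 protocol=tcp
add action=jump chain=forward disabled=no jump-target=virus
add action=add-src-to-address-list address-list=DDOS address-list-timeout=15s chain=input disabled=no dst-port=1337 protocol=tcp
add action=add-src-to-address-list address-list=DDOS address-list-timeout=15m chain=input disabled=no dst-port=7331 protocol=tcp src-address-list=knock
add action=add-src-to-address-list address-list="port-scanners" address-list-timeout=2w chain=input comment="SYN/FIN" disabled=no protocol=tcp tcp-flags=fin,syn
"""

def parse_rules(text):
    """Turn each enabled 'add key=value ...' line into a dict of properties."""
    rules = []
    for line in text.splitlines():
        tokens = shlex.split(line)  # handles quoted values such as comment="..."
        if tokens[:1] != ["add"]:
            continue
        rule = dict(t.split("=", 1) for t in tokens[1:] if "=" in t)
        if rule.get("disabled") != "yes":
            rules.append(rule)
    return rules

def audit(rules):
    """Report lists that are filled but never matched (and the reverse), plus duplicates."""
    filled = {r["address-list"] for r in rules
              if r.get("action", "").endswith("-to-address-list") and "address-list" in r}
    matched = {r[k].lstrip("!") for r in rules
               for k in ("src-address-list", "dst-address-list") if k in r}
    # Two rules are duplicates when every property except the comment is equal.
    seen = Counter(tuple(sorted((k, v) for k, v in r.items() if k != "comment"))
                   for r in rules)
    return {
        # Filled by a rule, but no rule drops or accepts on it: the list has no effect.
        "filled_never_matched": sorted(filled - matched),
        # Matched, but no filter rule fills it (it may still be defined under
        # /ip firewall address-list; check there before calling it dead).
        "matched_never_filled": sorted(matched - filled),
        "duplicates": [" ".join(f"{k}={v}" for k, v in key)
                       for key, n in seen.items() if n > 1],
    }

if __name__ == "__main__":
    for name, items in audit(parse_rules(SAMPLE)).items():
        print(name, items)
```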
