
Port Filter


Lacho

Question

I saw it on an Italian site and I've set it up like this; I think it will be useful:

[code]
/ ip firewall filter
add chain=forward protocol=tcp dst-port=135-139 action=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=135-139 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=445 action=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=445 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=593 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1024-1030 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1080 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1214 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1363 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1364 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1368 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1373 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1377 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=1433-1434 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2745 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2283 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=2535 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=3127 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=3410 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=4444 action=drop comment="" disabled=no
add chain=forward protocol=udp dst-port=4444 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=5554 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=8866 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10000 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=10080 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=12345 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=17300 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=27374 action=drop comment="" disabled=no
add chain=forward protocol=tcp dst-port=65506 action=drop comment="" disabled=no
[/code]

1 answer to this question

Administrator
It blocks LAN ports: no shares, no games, and there will be unhappy people.

But that's a personal decision.

This would do a better job:

Drop port scanner

[code]
/ip firewall filter add chain=input protocol=tcp psd=21,3s,3,1 \
action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=14d comment="Port scanners to list" disabled=no

/ip firewall filter add chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg \
action=add-src-to-address-list address-list="port scanners" address-list-timeout=14d comment="NMAP FIN Stealth scan"

/ip firewall filter add chain=input protocol=tcp tcp-flags=fin,syn \
action=add-src-to-address-list address-list="port scanners" address-list-timeout=14d comment="SYN/FIN scan"

/ip firewall filter add chain=input protocol=tcp tcp-flags=syn,rst \
action=add-src-to-address-list address-list="port scanners" address-list-timeout=14d comment="SYN/RST scan"

/ip firewall filter add chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack \
action=add-src-to-address-list address-list="port scanners" address-list-timeout=14d comment="FIN/PSH/URG scan"

/ip firewall filter add chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg \
action=add-src-to-address-list address-list="port scanners" address-list-timeout=14d comment="ALL/ALL scan"

/ip firewall filter add chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg \
action=add-src-to-address-list address-list="port scanners" address-list-timeout=14d comment="NMAP NULL scan"

/ip firewall filter add chain=input src-address-list="port scanners" action=drop \
comment="dropping port scanners" disabled=no
[/code]

And this looks nice, but the problems it creates are unbelievable.

[code]
# ------------------------ Firewall Virus ----------------------------------------------
/ ip firewall filter
add chain=Virus protocol=tcp dst-port=1434 action=drop comment="port block \
warning" disabled=no
add chain=Virus protocol=udp dst-port=1434 action=drop comment="" disabled=no
add chain=Virus protocol=udp dst-port=2745 action=drop comment="" disabled=no
add chain=Virus protocol=tcp dst-port=6344-6381 action=drop comment="" \
disabled=no
add chain=Virus protocol=udp dst-port=6344-6381 action=drop comment="" \
disabled=no
add chain=Virus protocol=tcp dst-port=1080 action=drop comment="MyDoom" \
disabled=no
add chain=Virus protocol=tcp dst-port=1214 action=drop comment="" disabled=no
add chain=Virus protocol=tcp dst-port=593 action=drop comment="" disabled=no
add chain=Virus protocol=tcp dst-port=1024-1030 action=drop comment="" \
disabled=no
add chain=Virus protocol=tcp dst-port=135-139 action=drop comment="Blaster \
Worm" disabled=no
add chain=Virus protocol=udp dst-port=135-139 action=drop comment="Messenger \
Worm" disabled=no
add chain=Virus protocol=tcp dst-port=445 action=drop comment="Blaster Worm" \
disabled=no
add chain=Virus protocol=udp dst-port=445 action=drop comment="Blaster Worm" \
disabled=no
add chain=Virus protocol=tcp dst-port=1363 action=drop comment="ndm requester" \
disabled=no
add chain=Virus protocol=tcp dst-port=1364 action=drop comment="ndm server" \
disabled=no
add chain=Virus protocol=tcp dst-port=1368 action=drop comment="screen cast" \
disabled=no
add chain=Virus protocol=tcp dst-port=1373 action=drop comment="hromgrafx" \
disabled=no
add chain=Virus protocol=tcp dst-port=1377 action=drop comment="cichlid" \
disabled=no
add chain=Virus protocol=tcp dst-port=1433-1434 action=drop comment="Worm" \
disabled=no
add chain=Virus protocol=tcp dst-port=2745 action=drop comment="Bagle Virus" \
disabled=no
add chain=Virus protocol=tcp dst-port=2283 action=drop comment="Drop Dumaru.Y" \
disabled=no
add chain=Virus protocol=tcp dst-port=2235 action=drop comment="Drop Beagle" \
disabled=no
add chain=Virus protocol=tcp dst-port=2745 action=drop comment="Drop \
Beagle.C-K" disabled=no
add chain=Virus protocol=tcp dst-port=3127-3128 action=drop comment="Drop \
MyDoom" disabled=no
add chain=Virus protocol=tcp dst-port=3410 action=drop comment="Drop Backdoor \
OptixPro" disabled=no
add chain=Virus protocol=tcp dst-port=4444 action=drop comment="Worm" \
disabled=no
add chain=Virus protocol=udp dst-port=4444 action=drop comment="Worm" \
disabled=no
add chain=Virus protocol=tcp dst-port=5554 action=drop comment="Drop Sasser" \
disabled=no
add chain=Virus protocol=tcp dst-port=8866 action=drop comment="Drop Beagle.B" \
disabled=no
add chain=Virus protocol=tcp dst-port=9898 action=drop comment="Drop \
Dabber.A-B" disabled=no
add chain=Virus protocol=tcp dst-port=10000 action=drop comment="Drop \
Dumaru.Y" disabled=no
add chain=Virus protocol=tcp dst-port=10080 action=drop comment="Drop \
MyDoom.B" disabled=no
add chain=Virus protocol=tcp dst-port=12345 action=drop comment="Drop NetBus" \
disabled=no
add chain=Virus protocol=tcp dst-port=17300 action=drop comment="Drop Kuang2" \
disabled=no
add chain=Virus protocol=tcp dst-port=65506 action=drop comment="Drop PhatBot, \
Agobot, Gaobot" disabled=no
add chain=Virus protocol=tcp dst-port=27374 action=drop comment="Drop \
SubSeven" disabled=no

# forward
add chain=forward connection-state=invalid action=drop comment="" disabled=no
add chain=forward connection-state=related action=accept comment="" \
disabled=no
add chain=forward connection-state=established action=accept comment="" \
disabled=no
add chain=forward action=jump jump-target=Virus comment="" disabled=no

# input
add chain=input connection-state=invalid action=drop comment="" disabled=no
add chain=input connection-state=related action=accept comment="" disabled=no
add chain=input connection-state=established action=accept comment="" \
disabled=no
add chain=input action=jump jump-target=Virus comment="" disabled=no
[/code]
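To see what the tcp-flags matchers in the "Drop port scanner" rules above actually catch, here is a small Python model of the RouterOS tcp-flags semantics (listed flags must be set, "!" flags must be clear, unlisted flags are ignored) applied to a few constructed packets; this is an added example, not code from the post or from MikroTik, and the sample packet names and the classify() helper are ours. Bear in mind those rules sit in chain=input, so on the router they only see traffic addressed to the router itself.

```python
# RouterOS tcp-flags matching, modelled in Python. Added example, not code
# from the post or from MikroTik. Semantics per the RouterOS matcher: every
# listed flag must be set, every '!flag' must be clear, unlisted flags are ignored.
from typing import Optional, Set

# tcp-flags values and comments copied from the answer's rules, in rule order.
SCAN_RULES = [
    ("fin,!syn,!rst,!psh,!ack,!urg", "NMAP FIN Stealth scan"),
    ("fin,syn", "SYN/FIN scan"),
    ("syn,rst", "SYN/RST scan"),
    ("fin,psh,urg,!syn,!rst,!ack", "FIN/PSH/URG scan"),
    ("fin,syn,rst,psh,ack,urg", "ALL/ALL scan"),
    ("!fin,!syn,!rst,!psh,!ack,!urg", "NMAP NULL scan"),
]

def tcp_flags_match(spec: str, flags: Set[str]) -> bool:
    """True if a packet carrying exactly `flags` matches a tcp-flags spec."""
    for token in spec.split(","):
        if token.startswith("!"):
            if token[1:] in flags:      # forbidden flag is present
                return False
        elif token not in flags:        # required flag is missing
            return False
    return True

def classify(flags: Set[str]) -> Optional[str]:
    """Comment of the first matching rule; RouterOS evaluates top to bottom."""
    for spec, comment in SCAN_RULES:
        if tcp_flags_match(spec, flags):
            return comment
    return None                         # no scan rule fired

# Constructed sample packets (names are ours): normal traffic and probes.
SAMPLES = {
    "handshake syn": {"syn"},
    "normal teardown": {"fin", "ack"},
    "fin only": {"fin"},
    "no flags": set(),
    "fin-psh-urg": {"fin", "psh", "urg"},
    "syn-fin-ack": {"fin", "syn", "ack"},      # ack is unlisted, still SYN/FIN
    "all flags": {"fin", "syn", "rst", "psh", "ack", "urg"},  # shadowed by SYN/FIN
}

if __name__ == "__main__":
    for name, flags in SAMPLES.items():
        print(f"{name:16s} -> {classify(flags)}")
```

Worth noticing: a packet with every flag set is claimed by the SYN/FIN rule before the ALL/ALL rule is reached (harmless here, since both feed the same address list), while ordinary handshake and teardown segments match nothing, which is what you want from rules that populate a 14-day block list.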
