Minha rede esta vulnerável ???
Se sua rede usa mikrotik e vc não sabe se ela tem backdoor é facil identificar, ping qualquer endereço inexistente ex: wwwwww.ffffxsxswqwqx.com.br, se a resposta for 218.93.250.18, seu mk tem um backdoor. Aconselho comprar uma licença pois logo logo tu vai ter surpresa pois ja esta rodando na net um login e senha padrão pra entrar em qualquer um que tenha este sintoma.
Best Regards..
1 Anexo(s)
Re: Minha rede esta vulnerável ???
Boa tarde o meu esta dando essa resposta e ai?Anexo 54511
Re: Minha rede esta vulnerável ???
1 Anexo(s)
Re: Minha rede esta vulnerável ???
o meu ficou assim mas estou usando o firewall com as seguintes regras que peguei num forum que naum me lembro
add chain=virus comment="Bloqueio de virus"
add chain=forward connection-state=invalid action=drop comment="Drop invalid connections" disabled=no
add chain=forward connection-state=established action=accept comment="Established Connections" disabled=no
add chain=forward connection-state=related action=accept comment="Related connections" disabled=no
add chain=forward action=jump jump-target=virus comment="!!! Check for well-known viruses !!!" disabled=no
add chain=forward protocol=udp action=accept comment="UDP" disabled=no
add chain=forward protocol=icmp limit=50/5,2 action=accept comment="Allow limited Pings" disabled=no
add chain=forward protocol=icmp action=drop comment="Drop excess pings" disabled=no
add chain=input connection-state=invalid action=drop comment="Drop invalid connections" disabled=no
add chain=input tcp-flags=!syn connection-state=established action=accept comment="Accept established connections" disabled=no
add chain=input connection-state=related action=accept comment="Accept related connections" disabled=no
add chain=input action=jump jump-target=virus comment="!!! Check for well-known viruses !!!" disabled=no
add chain=input protocol=udp action=accept comment="UDP" disabled=no
add chain=input protocol=icmp limit=50/5,2 action=accept comment="Allow limited pings" disabled=no
add chain=input protocol=icmp action=drop comment="Drop excess pings" disabled=no
add chain=input dst-port=22 protocol=tcp action=accept comment="SSH for demo purposes" disabled=no
add chain=input dst-port=23 protocol=tcp action=accept comment="Telnet for demo purposes" disabled=no
add chain=input dst-port=80 protocol=tcp action=accept comment="http for demo purposes" disabled=no
add chain=input dst-port=3987 protocol=tcp action=accept comment="winbox for demo purposes" disabled=no
add chain=input action=accept log=yes comment="Log and drop everything else" disabled=no
add chain=virus dst-port=135-139 protocol=tcp action=drop comment="Drop Blaster Worm" disabled=no
add chain=virus dst-port=135-139 protocol=udp action=drop comment="Drop Messenger Worm" disabled=no
add chain=virus dst-port=445 protocol=tcp action=drop comment="Drop Blaster Worm" disabled=no
add chain=virus dst-port=445 protocol=udp action=drop comment="Drop Blaster Worm" disabled=no
add chain=virus dst-port=593 protocol=tcp action=drop comment="________" disabled=no
add chain=virus dst-port=1024-1030 protocol=tcp action=drop comment="________" disabled=no
add chain=virus dst-port=1080 protocol=tcp action=drop comment="Drop MyDoom" disabled=no
add chain=virus dst-port=1214 protocol=tcp action=drop comment="________" disabled=no
add chain=virus dst-port=1363 protocol=tcp action=drop comment="ndm requester" disabled=no
add chain=virus dst-port=1364 protocol=tcp action=drop comment="ndm server" disabled=no
add chain=virus dst-port=1368 protocol=tcp action=drop comment="screen cast" disabled=no
add chain=virus dst-port=1373 protocol=tcp action=drop comment="hromgrafx" disabled=no
add chain=virus dst-port=1377 protocol=tcp action=drop comment="cichlid" disabled=no
add chain=virus dst-port=1433-1434 protocol=tcp action=drop comment="Worm" disabled=no
add chain=virus dst-port=2745 protocol=tcp action=drop comment="Bagle Virus" disabled=no
add chain=virus dst-port=2283 protocol=tcp action=drop comment="Drop Dumaru.Y" disabled=no
add chain=virus dst-port=2535 protocol=tcp action=drop comment="Drop Beagle" disabled=no
add chain=virus dst-port=2745 protocol=tcp action=drop comment="Drop Beagle.C-K" disabled=no
add chain=virus dst-port=3410 protocol=tcp action=drop comment="Drop Backdoor OptixPro" disabled=no
add chain=virus dst-port=4444 protocol=tcp action=drop comment="Worm" disabled=no
add chain=virus dst-port=4444 protocol=udp action=drop comment="Worm" disabled=no
add chain=virus dst-port=5554 protocol=tcp action=drop comment="Drop Sasser" disabled=no
add chain=virus dst-port=8866 protocol=tcp action=drop comment="Drop Beagle.B" disabled=no
add chain=virus dst-port=9898 protocol=tcp action=drop comment="Drop Dabber.A-B" disabled=no
add chain=virus dst-port=10000 protocol=tcp action=drop comment="Drop Dumaru.Y" disabled=no
add chain=virus dst-port=10080 protocol=tcp action=drop comment="Drop MyDoom.B" disabled=no
add chain=virus dst-port=12345 protocol=tcp action=drop comment="Drop NetBus" disabled=no
add chain=virus dst-port=17300 protocol=tcp action=drop comment="Drop Kuang2" disabled=no
dd chain=virus dst-port=27374 protocol=tcp action=drop comment="Drop SubSeven" disabled=no
add chain=virus dst-port=65506 protocol=tcp action=drop comment="Drop PhatBot, Agobot, Gaobot" disabled=no
Re: Minha rede esta vulnerável ???
A tua licença é comprada ou crackeada?
Citação:
Postado originalmente por
lbsilva
o meu ficou assim mas estou usando o firewall com as seguintes regras que peguei num forum que naum me lembro
add chain=virus comment="Bloqueio de virus"
add chain=forward connection-state=invalid action=drop comment="Drop invalid connections" disabled=no
add chain=forward connection-state=established action=accept comment="Established Connections" disabled=no
add chain=forward connection-state=related action=accept comment="Related connections" disabled=no
add chain=forward action=jump jump-target=virus comment="!!! Check for well-known viruses !!!" disabled=no
add chain=forward protocol=udp action=accept comment="UDP" disabled=no
add chain=forward protocol=icmp limit=50/5,2 action=accept comment="Allow limited Pings" disabled=no
add chain=forward protocol=icmp action=drop comment="Drop excess pings" disabled=no
add chain=input connection-state=invalid action=drop comment="Drop invalid connections" disabled=no
add chain=input tcp-flags=!syn connection-state=established action=accept comment="Accept established connections" disabled=no
add chain=input connection-state=related action=accept comment="Accept related connections" disabled=no
add chain=input action=jump jump-target=virus comment="!!! Check for well-known viruses !!!" disabled=no
add chain=input protocol=udp action=accept comment="UDP" disabled=no
add chain=input protocol=icmp limit=50/5,2 action=accept comment="Allow limited pings" disabled=no
add chain=input protocol=icmp action=drop comment="Drop excess pings" disabled=no
add chain=input dst-port=22 protocol=tcp action=accept comment="SSH for demo purposes" disabled=no
add chain=input dst-port=23 protocol=tcp action=accept comment="Telnet for demo purposes" disabled=no
add chain=input dst-port=80 protocol=tcp action=accept comment="http for demo purposes" disabled=no
add chain=input dst-port=3987 protocol=tcp action=accept comment="winbox for demo purposes" disabled=no
add chain=input action=accept log=yes comment="Log and drop everything else" disabled=no
add chain=virus dst-port=135-139 protocol=tcp action=drop comment="Drop Blaster Worm" disabled=no
add chain=virus dst-port=135-139 protocol=udp action=drop comment="Drop Messenger Worm" disabled=no
add chain=virus dst-port=445 protocol=tcp action=drop comment="Drop Blaster Worm" disabled=no
add chain=virus dst-port=445 protocol=udp action=drop comment="Drop Blaster Worm" disabled=no
add chain=virus dst-port=593 protocol=tcp action=drop comment="________" disabled=no
add chain=virus dst-port=1024-1030 protocol=tcp action=drop comment="________" disabled=no
add chain=virus dst-port=1080 protocol=tcp action=drop comment="Drop MyDoom" disabled=no
add chain=virus dst-port=1214 protocol=tcp action=drop comment="________" disabled=no
add chain=virus dst-port=1363 protocol=tcp action=drop comment="ndm requester" disabled=no
add chain=virus dst-port=1364 protocol=tcp action=drop comment="ndm server" disabled=no
add chain=virus dst-port=1368 protocol=tcp action=drop comment="screen cast" disabled=no
add chain=virus dst-port=1373 protocol=tcp action=drop comment="hromgrafx" disabled=no
add chain=virus dst-port=1377 protocol=tcp action=drop comment="cichlid" disabled=no
add chain=virus dst-port=1433-1434 protocol=tcp action=drop comment="Worm" disabled=no
add chain=virus dst-port=2745 protocol=tcp action=drop comment="Bagle Virus" disabled=no
add chain=virus dst-port=2283 protocol=tcp action=drop comment="Drop Dumaru.Y" disabled=no
add chain=virus dst-port=2535 protocol=tcp action=drop comment="Drop Beagle" disabled=no
add chain=virus dst-port=2745 protocol=tcp action=drop comment="Drop Beagle.C-K" disabled=no
add chain=virus dst-port=3410 protocol=tcp action=drop comment="Drop Backdoor OptixPro" disabled=no
add chain=virus dst-port=4444 protocol=tcp action=drop comment="Worm" disabled=no
add chain=virus dst-port=4444 protocol=udp action=drop comment="Worm" disabled=no
add chain=virus dst-port=5554 protocol=tcp action=drop comment="Drop Sasser" disabled=no
add chain=virus dst-port=8866 protocol=tcp action=drop comment="Drop Beagle.B" disabled=no
add chain=virus dst-port=9898 protocol=tcp action=drop comment="Drop Dabber.A-B" disabled=no
add chain=virus dst-port=10000 protocol=tcp action=drop comment="Drop Dumaru.Y" disabled=no
add chain=virus dst-port=10080 protocol=tcp action=drop comment="Drop MyDoom.B" disabled=no
add chain=virus dst-port=12345 protocol=tcp action=drop comment="Drop NetBus" disabled=no
add chain=virus dst-port=17300 protocol=tcp action=drop comment="Drop Kuang2" disabled=no
dd chain=virus dst-port=27374 protocol=tcp action=drop comment="Drop SubSeven" disabled=no
add chain=virus dst-port=65506 protocol=tcp action=drop comment="Drop PhatBot, Agobot, Gaobot" disabled=no
Re: Minha rede esta vulnerável ???
Infelizmente é crackeada mas é apenas pra estudo estou usando uma versão para pc, comprei uma RB450G que tenho que configurar
Re: Minha rede esta vulnerável ???
Da uma olhada em minhas maquinas"RB"
Re: Minha rede esta vulnerável ???
Citação:
Postado originalmente por
lbsilva
Infelizmente é crackeada mas é apenas pra estudo estou usando uma versão para pc, comprei uma RB450G que tenho que configurar
Então você já sabe que está vulnerável né?
Re: Minha rede esta vulnerável ???
Desabilitei a portas que eu não estou utilizando ssh, H323, irc,pptp,sip, tftp
Re: Minha rede esta vulnerável ???
vou configurar a rb450g este tem licença do nivel 5
Re: Minha rede esta vulnerável ???
Citação:
Postado originalmente por
lbsilva
Desabilitei a portas que eu não estou utilizando ssh, H323, irc,pptp,sip, tftp
Blz, mas use a sua 450g que é uma excelente Rb.
Re: Minha rede esta vulnerável ???
Vou configurar e depois desabilito a do PC
Re: Minha rede esta vulnerável ???
pessoal ainda nao entendi essa dai tem uma senha que entra em qualquer rb que pinga para um site inexistente é ?