bloqueio de vírus e worms pelo MT
bom dia pessoal..
seguinte...alguem tem algum tipo de controle de vírus e worms pelo mt...se sim gostaria de saber se isso eh útil e funga bem...pois vi algo no demo do mt..e fiquei bem interessado...naum se isso ajuda em alguma coisa..mas acredito q sim..
se alguem tiver alguma coisa mais ou menos pronta e tiver afim de ajudar os colegas...poste ae...
agradeço a qq ajuda...flwssss
Re: bloqueio de vírus e worms pelo MT
Rapaz, eu vi isso aqui mesmo e implementei no meu server. São regras de firewall
[admin@DilSE] ip firewall filter> print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; LIBERA PARA SITES DA EMPRESA
chain=forward protocol=tcp src-port=0-65535 dst-port=0-65535
src-address-list=DIRETRIZ action=accept
1 ;;; LIBERA PARA ACESSO AO MSN
chain=forward protocol=tcp src-port=0-65535 dst-port=0-65535 src-address-list=MSN
action=accept
2 ;;; LIBERA PARA BANCOS
chain=forward protocol=tcp src-port=0-65535 dst-port=0-65535
src-address-list=BANCO action=accept
3 ;;; LIBERANDO AS PORTAS PARA CONEX O
chain=input src-address=0.0.0.0/0 protocol=tcp dst-port=3987 action=accept
4 chain=forward protocol=udp dst-port=53 action=accept
5 chain=forward protocol=tcp dst-port=53 action=accept
6 chain=input src-address=0.0.0.0/0 protocol=tcp dst-port=80 action=accept
7 chain=input src-address=0.0.0.0/0 protocol=tcp dst-port=8291 action=accept
8 chain=input protocol=udp action=accept
9 chain=input src-address=192.168.100.0/24 protocol=tcp dst-port=3142 action=accept
10 chain=input src-address=192.168.100.0/24 protocol=tcp dst-port=3128 action=accept
11 chain=forward src-address=192.168.100.0/24 protocol=tcp dst-port=3987 action=accept
12 chain=forward src-address=192.168.100.0/24 protocol=tcp dst-port=3142 action=accept
13 chain=forward src-address=192.168.100.0/24 protocol=tcp dst-port=3128 action=accept
14 chain=input src-address=192.168.100.0/24 dst-address=0.0.0.0 protocol=tcp
dst-port=1360 action=accept
15 chain=forward src-address=192.168.100.0/24 dst-address=0.0.0.0 protocol=tcp
dst-port=1360 action=accept
16 chain=input src-address=0.0.0.0/0 protocol=tcp dst-port=8080 action=accept
17 chain=forward src-address=0.0.0.0/0 protocol=tcp dst-port=8080 action=accept
18 chain=forward src-address=192.168.100.0/24 dst-address=0.0.0.0 action=accept
19 chain=forward src-address=0.0.0.0/0 dst-address=192.168.100.0/24
connection-state=related action=accept
20 chain=forward src-address=192.168.100.0/24 dst-address=0.0.0.0 action=accept
21 chain=forward src-address=0.0.0.0 dst-address=192.168.100.0/24
connection-state=related action=accept
22 chain=forward connection-state=established action=accept
23 chain=forward protocol=udp action=accept
24 chain=forward src-address=192.168.100.0/24 dst-address=0.0.0.0 protocol=udp
action=accept
25 chain=input src-address=192.168.100.0/24 dst-address=0.0.0.0 protocol=udp
action=accept
26 chain=forward src-address=192.168.100.0/24 dst-address=0.0.0.0 protocol=tcp
action=accept
27 chain=input src-address=192.168.100.0/24 dst-address=0.0.0.0 protocol=tcp
action=accept
28 ;;; OUTROS BLOQUEIOS DE PORTAS
chain=forward protocol=tcp src-port=0-65535 dst-port=0-65535 action=drop
29 chain=input connection-state=invalid action=drop
30 chain=forward action=drop
31 ;;; BLOQUEAR VIRUS CONHECIDOS
chain=virus protocol=tcp dst-port=135-139 action=drop
32 chain=virus protocol=udp dst-port=135-139 action=drop
33 chain=virus protocol=tcp dst-port=445 action=drop
34 chain=virus protocol=udp dst-port=445 action=drop
35 chain=virus protocol=tcp dst-port=593 action=drop
36 chain=virus protocol=tcp dst-port=1024-1030 action=drop
37 chain=virus protocol=tcp dst-port=1080 action=drop
38 chain=virus protocol=tcp dst-port=1214 action=drop
39 chain=virus protocol=tcp dst-port=1363 action=drop
40 chain=virus protocol=tcp dst-port=1364 action=drop
41 chain=virus protocol=tcp dst-port=1373 action=drop
42 chain=virus protocol=tcp dst-port=1377 action=drop
43 chain=virus protocol=tcp dst-port=1368 action=drop
44 chain=virus protocol=tcp dst-port=1433-1434 action=drop
----- Só não peguei o nome dos vírus, mas aqui mesmo ja tem uma postagem com os nome... falow :-D