Página 3 de 3 PrimeiroPrimeiro 123
+ Responder ao Tópico



  1. Citação Postado originalmente por welllinux Ver Post
    Faço isso em Firewall/Mangle ?

    Se vc tiver um Script contra virus poderia me disponibiliza?

    Grato!!!

    Isso mesmo, vc coloca a regra lá no ip firewall mangle.

  2. para o bloqueio de virus uso estás regras abaixo.

    / ip firewall filter
    add chain=input action=drop in-interface=ether3 dst-port=8080 protocol=tcp \
    comment="Bloqueio ao acesso externo do web-proxy" disabled=no
    add chain=forward action=drop dst-port=135-139 protocol=tcp comment="Bloqueio \
    da Netbios para n o compatilhar arquivos em rede usando o Mikrotik" \
    disabled=no
    add chain=forward action=drop dst-port=445 protocol=tcp comment="" disabled=no
    add chain=forward action=drop dst-port=135-139 protocol=udp comment="" \
    disabled=no
    add chain=forward action=drop dst-port=445 protocol=udp comment="" disabled=no
    add chain=forward action=drop src-address=192.0.0.0/16 \
    dst-address=192.0.0.0/16 comment="" disabled=no
    add chain=input action=accept connection-state=established \
    comment="Established connections" disabled=no
    add chain=input action=accept connection-state=related comment="Related \
    connections" disabled=no
    add chain=input action=log connection-state=invalid log-prefix="INVALID" \
    comment="Log invalid connections" disabled=no
    add chain=input action=drop connection-state=invalid comment="Drop invalid \
    connections" disabled=no
    add chain=input action=jump jump-target=virus comment="!!! Check for \
    well-known viruses !!!" disabled=no
    add chain=input action=accept protocol=udp comment="UDP" disabled=no
    add chain=input action=accept protocol=icmp comment="ICMP" disabled=no
    add chain=input action=accept dst-port=1723 protocol=tcp comment="Allow PPTP" \
    disabled=no
    add chain=input action=accept protocol=gre comment="Allow PPTP" disabled=no
    add chain=input action=accept protocol=ospf comment="Allow OSPF" disabled=no
    add chain=input action=jump jump-target=demo comment="Jump to demo chain" \
    disabled=no
    add chain=input action=accept src-address=192.168.10.0/24 comment="From local \
    net" disabled=no
    add chain=forward action=accept connection-state=established \
    comment="Established connections" disabled=no
    add chain=forward action=accept connection-state=related comment="Related \
    connections" disabled=no
    add chain=forward action=log connection-state=invalid log-prefix="INVALID" \
    comment="Log invalid connections" disabled=no
    add chain=forward action=drop connection-state=invalid comment="Drop invalid \
    connections" disabled=no
    add chain=forward action=jump jump-target=virus comment="!!! Check for \
    well-known viruses !!!" disabled=no
    add chain=forward action=accept protocol=udp comment="UDP" disabled=no
    add chain=forward action=accept protocol=icmp comment="ICMP" disabled=no
    add chain=virus action=drop dst-port=135-139 protocol=tcp comment="Drop \
    Blaster Worm" disabled=no
    add chain=virus action=drop dst-port=135-139 protocol=udp comment="Drop \
    Messenger Worm" disabled=no
    add chain=virus action=drop dst-port=445 protocol=tcp comment="Drop Blaster \
    Worm" disabled=no
    add chain=virus action=drop dst-port=445 protocol=udp comment="Drop Blaster \
    Worm" disabled=no
    add chain=virus action=drop dst-port=593 protocol=tcp comment="________" \
    disabled=no
    add chain=virus action=drop dst-port=1024-1030 protocol=tcp comment="________" \
    disabled=no
    add chain=virus action=drop dst-port=1080 protocol=tcp comment="Drop MyDoom" \
    disabled=no
    add chain=virus action=drop dst-port=1214 protocol=tcp comment="________" \
    disabled=no
    add chain=virus action=drop dst-port=1363 protocol=tcp comment="ndm requester" \
    disabled=no
    add chain=virus action=drop dst-port=1364 protocol=tcp comment="ndm server" \
    disabled=no
    add chain=virus action=drop dst-port=1368 protocol=tcp comment="screen cast" \
    disabled=no
    add chain=virus action=drop dst-port=1373 protocol=tcp comment="hromgrafx" \
    disabled=no
    add chain=virus action=drop dst-port=1377 protocol=tcp comment="cichlid" \
    disabled=no
    add chain=virus action=drop dst-port=1433-1434 protocol=tcp comment="Worm" \
    disabled=no
    add chain=virus action=drop dst-port=2745 protocol=tcp comment="Bagle Virus" \
    disabled=no
    add chain=virus action=drop dst-port=2283 protocol=tcp comment="Drop Dumaru.Y" \
    disabled=no
    add chain=virus action=drop dst-port=2535 protocol=tcp comment="Drop Beagle" \
    disabled=no
    add chain=virus action=drop dst-port=2745 protocol=tcp comment="Drop \
    Beagle.C-K" disabled=no
    add chain=virus action=drop dst-port=3127-3128 protocol=tcp comment="Drop \
    MyDoom" disabled=no
    add chain=virus action=drop dst-port=3410 protocol=tcp comment="Drop Backdoor \
    OptixPro" disabled=no
    add chain=virus action=drop dst-port=4444 protocol=tcp comment="Worm" \
    disabled=no
    add chain=virus action=drop dst-port=4444 protocol=udp comment="Worm" \
    disabled=no
    add chain=virus action=drop dst-port=5554 protocol=tcp comment="Drop Sasser" \
    disabled=no
    add chain=virus action=drop dst-port=8866 protocol=tcp comment="Drop Beagle.B" \
    disabled=no
    add chain=virus action=drop dst-port=9898 protocol=tcp comment="Drop \
    Dabber.A-B" disabled=no
    add chain=virus action=drop dst-port=10000 protocol=tcp comment="Drop \
    Dumaru.Y" disabled=no
    add chain=virus action=drop dst-port=10080 protocol=tcp comment="Drop \
    MyDoom.B" disabled=no
    add chain=virus action=drop dst-port=12345 protocol=tcp comment="Drop NetBus" \
    disabled=no
    add chain=virus action=drop dst-port=17300 protocol=tcp comment="Drop Kuang2" \
    disabled=no
    add chain=virus action=drop dst-port=27374 protocol=tcp comment="Drop \
    SubSeven" disabled=no
    add chain=virus action=drop dst-port=65506 protocol=tcp comment="Drop PhatBot, \
    Agobot, Gaobot" disabled=no
    add chain=demo action=accept dst-port=8291 protocol=tcp comment="Allow WinBox \
    for demo purposes" disabled=no
    add chain=demo action=accept dst-port=80 protocol=tcp comment="Allow Web for \
    demo purposes" disabled=no
    add chain=demo action=accept dst-port=23 protocol=tcp comment="Allow Telnet \
    for demo purposes" disabled=no
    add chain=demo action=accept dst-port=22 protocol=tcp comment="Allow SSH for \
    demo purposes" disabled=no



  3. Jbssi, valeu pelo firewall, sei que é meio feio copiar e colar mas quando se trata em querer melhorar nao acho que tem problemas, hoje estou novamente de plantao para ver se decubro algo, obrigado galera e se tiver mais alguma dica me fala, um abraço!!!






Tópicos Similares

  1. Antenas de grades USB=internet lenta
    Por DouglasSpinola no fórum Redes
    Respostas: 5
    Último Post: 17-03-2017, 11:20
  2. Respostas: 30
    Último Post: 06-07-2015, 21:59
  3. Respostas: 8
    Último Post: 20-01-2010, 23:58
  4. Respostas: 8
    Último Post: 11-01-2010, 09:15
  5. tem link de sobra mas nao libera
    Por pedroso no fórum Redes
    Respostas: 1
    Último Post: 10-12-2008, 22:27

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L