Página 1 de 2 12 ÚltimoÚltimo
+ Responder ao Tópico



  1. #1
    Avatar de felixhmakowski
    Ingresso
    Feb 2009
    Localização
    Pitanga, Parana, Brazil, Brazil
    Posts
    171

    Padrão filter completo

    /ip firewall filter
    add action=accept chain=input comment="Accept winbox" disabled=no dst-port=\
    8291 protocol=tcp
    add action=drop chain=input comment="BLOQUEIA SCAN PELO WINBOX" disabled=no \
    dst-port=5678 protocol=udp
    add action=drop chain=input comment="bloqueio do proxy externo" disabled=no \
    dst-port=3528 in-interface=redenetworks protocol=tcp
    add action=drop chain=forward comment="" disabled=no dst-port=3528 \
    in-interface=redenetworks protocol=tcp
    add action=drop chain=output comment="" disabled=no dst-port=3528 \
    out-interface=redenetworks protocol=tcp
    add action=drop chain=input comment="" disabled=no dst-port=3528 \
    in-interface=copel protocol=tcp
    add action=drop chain=forward comment="" disabled=no dst-port=3528 \
    in-interface=copel protocol=tcp
    add action=drop chain=output comment="" disabled=no dst-port=3528 \
    out-interface=copel protocol=tcp
    add action=accept chain=input comment="ACEITAR CONEXOES PROXY" disabled=no \
    dst-port=3528 in-interface=clientes protocol=tcp
    add action=drop chain=forward comment=\
    "Limitando numero conexoes simultaneas para 30 conecxao REDE CLIENTE" \
    connection-limit=50,32 disabled=no in-interface=clientes packet-mark=\
    !semlimite protocol=tcp tcp-flags=syn
    add action=jump chain=input comment=\
    "REPASSA TRAFEGO PARA VERIFICASAO DE PORTAS" disabled=no jump-target=\
    "P2P E PORTAS"
    add action=jump chain=forward comment="" disabled=no jump-target=\
    "P2P E PORTAS"
    add action=jump chain=input comment="REPASSA TRAFEGO PARA CANAL VIRUS" \
    disabled=no jump-target=VIRUS
    add action=jump chain=forward comment="" disabled=no jump-target=VIRUS
    add action=jump chain=input comment="BLOQUEIO DE IPS BOGONS" disabled=no \
    jump-target=BOGONS
    add action=jump chain=forward comment="" disabled=no jump-target=BOGONS
    add action=accept chain=input comment="ACEITA CONECSAO NOVAS" \
    connection-state=new disabled=no
    add action=accept chain=forward comment="" connection-state=new disabled=no
    add action=accept chain=input comment="ACEITA CONECSAO ESTABELECIDA" \
    connection-state=established disabled=no
    add action=accept chain=forward comment="" connection-state=established \
    disabled=no
    add action=accept chain=input comment="ACEITA CONECSAO RELACIONADAS" \
    connection-state=related disabled=no
    add action=accept chain=forward comment="" connection-state=related disabled=\
    no
    add action=accept chain="P2P E PORTAS" comment="PORTAS E P2P /////////////////\
    //////////////////////////////////////////////////////////////////////////\
    /////////////////////////////////////////////////////" disabled=no \
    dst-port=6346-6349 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment=FTP disabled=no dst-port=21 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="OUTLOOK EXPRESS" disabled=no \
    dst-port=110 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment=DNS disabled=no dst-port=53 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment=E-MAIL disabled=no dst-port=25 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="portas do ITR" disabled=no \
    dst-port=5636 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=5636 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=5653 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=5653 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=3456 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="autentica\E7\E3o do MSN" \
    disabled=no dst-port=1863 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=1853 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment=skipe disabled=no dst-port=\
    30369 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="PORTAS DO KAZAA" disabled=no \
    dst-port=1214 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="PORTAS DO E-MULE" disabled=no \
    dst-port=4662 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=4662 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=\
    6346-6348 protocol=udp
    add action=accept chain="P2P E PORTAS" comment="PORTAS DO BITTORRENT" \
    disabled=no dst-port=6881-6889 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=\
    6881-6889 protocol=udp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=1214 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="PORTAS RANDON DO BIT TORRENT" \
    disabled=no dst-port=57792 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=57792 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="porta servidor CS" disabled=\
    no dst-port=27015 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27015 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27017 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27017 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27018 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27018 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27019 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27019 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27060 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27060 \
    protocol=udp
    add action=drop chain="P2P E PORTAS" comment="BLOQUEIA NETBIOS TCP" disabled=\
    no dst-port=137-139 protocol=tcp src-port=137-139
    add action=drop chain="P2P E PORTAS" comment="" disabled=no dst-port=445 \
    protocol=tcp src-port=445
    add action=drop chain="P2P E PORTAS" comment="BLOQUEIA NETBIOS UDP" disabled=\
    no dst-port=137-139 protocol=udp src-port=137-139
    add action=drop chain="P2P E PORTAS" comment="" disabled=no dst-port=445 \
    protocol=udp src-port=445
    add action=accept chain="P2P E PORTAS" comment="ALL P2P" disabled=no p2p=\
    all-p2p
    add action=drop chain=VIRUS comment="LISTA DE VIRUS///////////////////////////\
    //////////////////////////////////////////////////////////////////////////\
    ////////////////////////////////////////////////////" disabled=no \
    protocol=tcp src-port=445
    add action=drop chain=VIRUS comment="" disabled=no dst-port=445 protocol=tcp
    add action=drop chain=VIRUS comment="Drop Blaster Worm" disabled=no protocol=\
    udp src-port=445
    add action=drop chain=VIRUS comment="Drop Blaster Worm" disabled=no dst-port=\
    445 protocol=udp
    add action=drop chain=VIRUS comment="" disabled=no protocol=tcp src-port=\
    135-139
    add action=drop chain=VIRUS comment="" disabled=no protocol=udp src-port=\
    135-139
    add action=drop chain=VIRUS comment="" disabled=no dst-port=135-139 protocol=\
    tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=135-139 protocol=\
    udp
    add action=drop chain=VIRUS comment=________ disabled=no dst-port=593 \
    protocol=tcp
    add action=drop chain=VIRUS comment=________ disabled=no dst-port=1024-1030 \
    protocol=tcp

  2. #2
    Avatar de felixhmakowski
    Ingresso
    Feb 2009
    Localização
    Pitanga, Parana, Brazil, Brazil
    Posts
    171

    Padrão

    add action=drop chain=VIRUS comment="Drop MyDoom" disabled=no dst-port=1080 \
    protocol=tcp
    add action=drop chain=VIRUS comment=________ disabled=no dst-port=1214 \
    protocol=tcp
    add action=drop chain=VIRUS comment="ndm requester" disabled=no dst-port=1363 \
    protocol=tcp
    add action=drop chain=VIRUS comment="ndm server" disabled=no dst-port=1364 \
    protocol=tcp
    add action=drop chain=VIRUS comment="screen cast" disabled=no dst-port=1368 \
    protocol=tcp
    add action=drop chain=VIRUS comment=hromgrafx disabled=no dst-port=1373 \
    protocol=tcp
    add action=drop chain=VIRUS comment=cichlid disabled=no dst-port=1377 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Worm disabled=no dst-port=1433-1434 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Bagle VIRUS" disabled=no dst-port=2745 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Drop Dumaru.Y" disabled=no dst-port=2283 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Drop Beagle" disabled=no dst-port=2535 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Drop Beagle.C-K" disabled=no dst-port=\
    2745 protocol=tcp
    add action=drop chain=VIRUS comment="Drop MyDoom" disabled=no dst-port=3127 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Drop Backdoor OptixPro" disabled=no \
    dst-port=3410 protocol=tcp
    add action=drop chain=VIRUS comment=Worm disabled=no dst-port=4444 protocol=\
    tcp
    add action=drop chain=VIRUS comment=Worm disabled=no dst-port=4444 protocol=\
    udp
    add action=drop chain=VIRUS comment="Drop Sasser" disabled=no dst-port=5554 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Drop Beagle.B" disabled=no dst-port=8866 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Drop Dabber.A-B" disabled=no dst-port=\
    9898 protocol=tcp
    add action=drop chain=VIRUS comment="Drop Dumaru.Y" disabled=no dst-port=\
    10000 protocol=tcp
    add action=drop chain=VIRUS comment="Drop MyDoom.B" disabled=no dst-port=\
    10080 protocol=tcp
    add action=drop chain=VIRUS comment="Drop NetBus" disabled=no dst-port=12345 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Drop Kuang2" disabled=no dst-port=17300 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Drop SubSeven" disabled=no dst-port=\
    27374 protocol=tcp
    add action=drop chain=VIRUS comment="Drop PhatBot, Agobot, Gaobot" disabled=\
    no dst-port=65506 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=513 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=513 protocol=udp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=525 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=525 protocol=udp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=568-569 protocol=\
    tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=568-569 protocol=\
    udp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=1512 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=1512 protocol=udp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=396 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=396 protocol=udp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=1366 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=1366 protocol=udp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=1416 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=1416 protocol=udp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=201-209 protocol=\
    tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=201-209 protocol=\
    udp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=545 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=545 protocol=udp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=1381 protocol=udp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=1381 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=3031 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=3031 protocol=udp
    add action=drop chain=VIRUS comment="2000 cracks" disabled=no dst-port=6776 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Acid Battery" disabled=no dst-port=32418 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=2000 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=52317 protocol=\
    tcp
    add action=drop chain=VIRUS comment="Acid Shivers" disabled=no dst-port=10520 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Agent 31" disabled=no dst-port=31 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Agent 40421" disabled=no dst-port=40421 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Aim Spy" disabled=no dst-port=777 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Ambush disabled=no dst-port=10666 \
    protocol=tcp
    add action=drop chain=VIRUS comment="AOL Trojan" disabled=no dst-port=30029 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Attack FTP" disabled=no dst-port=666 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Back Construction" disabled=no dst-port=\
    5400-5401 protocol=tcp
    add action=drop chain=VIRUS comment="Back Door Setup" disabled=no dst-port=\
    5000-5001 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=7789 protocol=tcp
    add action=drop chain=VIRUS comment="Back Orifice" disabled=no dst-port=\
    31337-31338 protocol=tcp
    add action=drop chain=VIRUS comment="Back Orifice 2000" disabled=no dst-port=\
    54320-54321 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=8787 protocol=tcp
    add action=drop chain=VIRUS comment="Back Orifice DLL" disabled=no dst-port=\
    1349 protocol=udp
    add action=drop chain=VIRUS comment=BackDoor disabled=no dst-port=1999 \
    protocol=tcp
    add action=drop chain=VIRUS comment=BackDoor-G disabled=no dst-port=1243 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=6776 protocol=tcp
    add action=drop chain=VIRUS comment=BackDoor-QE disabled=no dst-port=10452 \
    protocol=tcp
    add action=drop chain=VIRUS comment=BackDoor-QO disabled=no dst-port=3332 \
    protocol=tcp
    add action=drop chain=VIRUS comment=BackDoor-QR disabled=no dst-port=\
    12973-12975 protocol=tcp
    add action=drop chain=VIRUS comment=BackFire disabled=no dst-port=31337 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Baron Night" disabled=no dst-port=31337 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Big Gluck (TN)" disabled=no dst-port=\
    34324 protocol=tcp
    add action=drop chain=VIRUS comment=BioNet disabled=no dst-port=12349 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Bla disabled=no dst-port=1042 protocol=\
    tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=20331 protocol=\
    tcp
    add action=drop chain=VIRUS comment="Blade Runner" disabled=no dst-port=\
    5400-5402 protocol=tcp
    add action=drop chain=VIRUS comment="BO client" disabled=no dst-port=31337 \
    protocol=tcp
    add action=drop chain=VIRUS comment="BO Facil" disabled=no dst-port=5556-5557 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=31337 protocol=\
    tcp
    add action=drop chain=VIRUS comment="Bo Wack" disabled=no dst-port=31336 \
    protocol=tcp
    add action=drop chain=VIRUS comment=BoBo disabled=no dst-port=4321 protocol=\
    tcp
    add action=drop chain=VIRUS comment="BOWhack " disabled=no dst-port=31666 \
    protocol=tcp
    add action=drop chain=VIRUS comment="BrainSpy " disabled=no dst-port=10101 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Bubbel disabled=no dst-port=5000 \
    protocol=tcp
    add action=drop chain=VIRUS comment=BugBear disabled=no dst-port=36794 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Bugs disabled=no dst-port=2115 protocol=\
    tcp



  3. #3
    Avatar de felixhmakowski
    Ingresso
    Feb 2009
    Localização
    Pitanga, Parana, Brazil, Brazil
    Posts
    171

    Padrão

    add action=drop chain=VIRUS comment=Bunker-Hill disabled=no dst-port=61348 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=61603 protocol=\
    tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=63485 protocol=\
    tcp
    add action=drop chain=VIRUS comment="Cain e Abel" disabled=no dst-port=666 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Chargen disabled=no dst-port=9 protocol=\
    udp
    add action=drop chain=VIRUS comment=Chupacabra disabled=no dst-port=20203 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Coma disabled=no dst-port=10607 protocol=\
    tcp
    add action=drop chain=VIRUS comment="Cyber Attacker" disabled=no dst-port=\
    9876 protocol=tcp
    add action=drop chain=VIRUS comment="Dark Shadow " disabled=no dst-port=911 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Death disabled=no dst-port=2 protocol=tcp
    add action=drop chain=VIRUS comment="Deep Back Orifice" disabled=no dst-port=\
    31338 protocol=tcp
    add action=drop chain=VIRUS comment="Deep Throat" disabled=no dst-port=41 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=2140 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=3150 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=6771 protocol=tcp
    add action=drop chain=VIRUS comment="Deep Throat v2" disabled=no dst-port=\
    6670 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=6711 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=60000 protocol=\
    tcp
    add action=drop chain=VIRUS comment="Deep Throat v3" disabled=no dst-port=\
    6674 protocol=tcp
    add action=drop chain=VIRUS comment=DeepBO disabled=no dst-port=31337 \
    protocol=udp
    add action=drop chain=VIRUS comment=DeepThroat disabled=no dst-port=999 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Delta Source" disabled=no dst-port=26274 \
    protocol=udp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=47262 protocol=\
    udp
    add action=drop chain=VIRUS comment="Der Spacher 3" disabled=no dst-port=\
    1000-1001 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=2000-2001 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Devil disabled=no dst-port=65000 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Digital RootBeer" disabled=no dst-port=\
    2600 protocol=tcp
    add action=drop chain=VIRUS comment="DMsetup " disabled=no dst-port=58-59 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=1010-1012 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=1015 protocol=tcp
    add action=drop chain=VIRUS comment="Donald Dick" disabled=no dst-port=\
    23476-23477 protocol=tcp
    add action=drop chain=VIRUS comment=DRAT disabled=no dst-port=48 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=50 protocol=tcp
    add action=drop chain=VIRUS comment="DUN Control" disabled=no dst-port=12623 \
    protocol=udp
    add action=drop chain=VIRUS comment=Eclipse disabled=no dst-port=2000 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=3459 protocol=tcp
    add action=drop chain=VIRUS comment=Eclypse disabled=no dst-port=3801 \
    protocol=udp
    add action=drop chain=VIRUS comment="Evil FTP" disabled=no dst-port=23456 \
    protocol=tcp
    add action=drop chain=VIRUS comment="File Nail" disabled=no dst-port=4567 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Firehotcker disabled=no dst-port=79 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=5321 protocol=tcp
    add action=drop chain=VIRUS comment=Fore disabled=no dst-port=50766 protocol=\
    tcp
    add action=drop chain=VIRUS comment=FTP99cmp disabled=no dst-port=1492 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Gaban Bus" disabled=no dst-port=\
    12345-12346 protocol=tcp
    add action=drop chain=VIRUS comment="Gate Crasher" disabled=no dst-port=\
    6969-6970 protocol=tcp
    add action=drop chain=VIRUS comment="GirlFriend " disabled=no dst-port=21554 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Gjamer disabled=no dst-port=12076 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Hack '99 KeyLogger" disabled=no \
    dst-port=12223 protocol=tcp
    add action=drop chain=VIRUS comment="Hack 'a' Tack" disabled=no dst-port=\
    31780-31785 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=31787-31789 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Hack 'a' Tack" disabled=no dst-port=\
    31791-31792 protocol=udp
    add action=drop chain=VIRUS comment="HackCity Ripper Pro" disabled=no \
    dst-port=2023 protocol=tcp
    add action=drop chain=VIRUS comment="Hackers Paradise " disabled=no dst-port=\
    31 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=456 protocol=tcp
    add action=drop chain=VIRUS comment=HackOffice disabled=no dst-port=8897 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Happy 99" disabled=no dst-port=119 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Hidden Port" disabled=no dst-port=99 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Host Control " disabled=no dst-port=6669 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=11050 protocol=\
    tcp
    add action=drop chain=VIRUS comment="HVL Rat5" disabled=no dst-port=2283 \
    protocol=tcp
    add action=drop chain=VIRUS comment=icKiller disabled=no dst-port=7789 \
    protocol=tcp
    add action=drop chain=VIRUS comment=\
    "ICQ (ICQ.com - community, people search and messaging service!)" \
    disabled=no dst-port=1027-1029 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=1032 protocol=tcp
    add action=drop chain=VIRUS comment="ICQ Revenge" disabled=no dst-port=16772 \
    protocol=tcp
    add action=drop chain=VIRUS comment="ICQ Revenge" disabled=no dst-port=19864 \
    protocol=tcp
    add action=drop chain=VIRUS comment="ICQ Trojan" disabled=no dst-port=4590 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Illusion Mailer" disabled=no dst-port=\
    2155 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=5512 protocol=tcp
    add action=drop chain=VIRUS comment=InCommand disabled=no dst-port=9400 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Indoctrination disabled=no dst-port=6939 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Infector disabled=no dst-port=146 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=146 protocol=udp
    add action=drop chain=VIRUS comment=iNi-Killer disabled=no dst-port=555 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=9989 protocol=tcp
    add action=drop chain=VIRUS comment="Insane Network" disabled=no dst-port=\
    2000 protocol=tcp
    add action=drop chain=VIRUS comment=IRC-3 disabled=no dst-port=6969 protocol=\
    tcp
    add action=drop chain=VIRUS comment=JammerKillah disabled=no dst-port=121 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Kazimas disabled=no dst-port=113 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=7000 protocol=tcp
    add action=drop chain=VIRUS comment="Kuang2 " disabled=no dst-port=17300 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=30999 protocol=\
    tcp
    add action=drop chain=VIRUS comment=Logged disabled=no dst-port=20203 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Masters' Paradise" disabled=no dst-port=\
    3129 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=40421-40423 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=40425-40426 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Mavericks Matrix" disabled=no dst-port=\
    1269 protocol=tcp
    add action=drop chain=VIRUS comment=Millenium disabled=no dst-port=\
    20000-20001 protocol=tcp
    add action=drop chain=VIRUS comment=MiniCommand disabled=no dst-port=1050 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Mosucker disabled=no dst-port=16484 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Nephron disabled=no dst-port=17777 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Net Controller" disabled=no dst-port=123 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Netbios datagram (DoS Attack)" disabled=\
    no dst-port=138 protocol=tcp
    add action=drop chain=VIRUS comment="Netbios name (DoS Attack)" disabled=no \
    dst-port=137 protocol=tcp
    add action=drop chain=VIRUS comment="Netbios session (DoS Attack)" disabled=\
    no dst-port=139 protocol=tcp
    add action=drop chain=VIRUS comment="NetBus Pro" disabled=no dst-port=20034 \
    protocol=tcp
    add action=drop chain=VIRUS comment=NetMetropolitan disabled=no dst-port=5031 \
    protocol=tcp
    add action=drop chain=VIRUS comment=NetMonitor disabled=no dst-port=7300-7301 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=7306-7308 \
    protocol=tcp
    add action=drop chain=VIRUS comment=NetRaider disabled=no dst-port=57341 \
    protocol=tcp
    add action=drop chain=VIRUS comment=NETrojan disabled=no dst-port=1313 \
    protocol=tcp
    add action=drop chain=VIRUS comment=NetSphere disabled=no dst-port=\
    30100-30103 protocol=tcp
    add action=drop chain=VIRUS comment=NetSpy disabled=no dst-port=1024-1033 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=31338-31339 \
    protocol=tcp
    add action=drop chain=VIRUS comment=NoBackO disabled=no dst-port=1200-1201 \
    protocol=udp
    add action=drop chain=VIRUS comment="One of the Last Trojan (OOTLT)" \
    disabled=no dst-port=5011 protocol=tcp

  4. #4
    Avatar de felixhmakowski
    Ingresso
    Feb 2009
    Localização
    Pitanga, Parana, Brazil, Brazil
    Posts
    171

    Padrão

    add action=drop chain=VIRUS comment="OpC BO" disabled=no dst-port=1969 \
    protocol=tcp
    add action=drop chain=VIRUS comment="PC Crasher" disabled=no dst-port=\
    5637-5638 protocol=tcp
    add action=drop chain=VIRUS comment="Phineas Phucker" disabled=no dst-port=\
    2801 protocol=tcp
    add action=drop chain=VIRUS comment="Portal of Doom" disabled=no dst-port=\
    9872-9875 protocol=tcp
    add action=drop chain=VIRUS comment="Portal of Doom" disabled=no dst-port=\
    10067 protocol=udp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=10167 protocol=\
    udp
    add action=drop chain=VIRUS comment=Priority disabled=no dst-port=16969 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Progenic disabled=no dst-port=11223 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Prosiak disabled=no dst-port=22222 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=33333 protocol=\
    tcp
    add action=drop chain=VIRUS comment="Psyber Stream Server" disabled=no \
    dst-port=1170 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=1509 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=4000 protocol=tcp
    add action=drop chain=VIRUS comment=Rasmin disabled=no dst-port=531 protocol=\
    tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=1045 protocol=tcp
    add action=drop chain=VIRUS comment=RAT disabled=no dst-port=1095 protocol=\
    tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=1097-1099 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=2989 protocol=tcp
    add action=drop chain=VIRUS comment=RC disabled=no dst-port=65535 protocol=\
    tcp
    add action=drop chain=VIRUS comment=Rcon disabled=no dst-port=8989 protocol=\
    tcp
    add action=drop chain=VIRUS comment="Remote Grab" disabled=no dst-port=7000 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Remote Windows Shutdown" disabled=no \
    dst-port=53001 protocol=tcp
    add action=drop chain=VIRUS comment=Robo-Hack disabled=no dst-port=5596 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Satanz backDoor" disabled=no dst-port=\
    666 protocol=tcp
    add action=drop chain=VIRUS comment=ScheduleAgent disabled=no dst-port=6667 \
    protocol=tcp
    add action=drop chain=VIRUS comment="School Bus" disabled=no dst-port=54321 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Schwindler disabled=no dst-port=21554 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=50766 protocol=\
    tcp
    add action=drop chain=VIRUS comment="Secret Agent " disabled=no dst-port=\
    11223 protocol=tcp
    add action=drop chain=VIRUS comment="Secret Service" disabled=no dst-port=605 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=6272 protocol=tcp
    add action=drop chain=VIRUS comment="Senna Spy FTP Server" disabled=no \
    dst-port=11000 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=13000 protocol=\
    tcp
    add action=drop chain=VIRUS comment=ServeMe disabled=no dst-port=5555 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Shit Heep" disabled=no dst-port=6912 \
    protocol=tcp
    add action=drop chain=VIRUS comment=ShockRave disabled=no dst-port=1981 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Sivka-Burka disabled=no dst-port=1600 \
    protocol=tcp
    add action=drop chain=VIRUS comment="SK Silencer" disabled=no dst-port=1001 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Socket25 disabled=no dst-port=30303 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Sockets de Troie" disabled=no dst-port=\
    5000-5001 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=50505 protocol=\
    tcp
    add action=drop chain=VIRUS comment=SoftWAR disabled=no dst-port=1207 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Spirit 2001a " disabled=no dst-port=\
    33911 protocol=tcp
    add action=drop chain=VIRUS comment=SpySender disabled=no dst-port=1807 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Streaming Audio trojan" disabled=no \
    dst-port=1170 protocol=tcp
    add action=drop chain=VIRUS comment=Striker disabled=no dst-port=2565 \
    protocol=tcp
    add action=drop chain=VIRUS comment=SubSeven disabled=no dst-port=1243 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=2773 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=6711-6713 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=6776 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=7215 protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=27374 protocol=\
    tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=27573 protocol=\
    tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=54283 protocol=\
    tcp
    add action=drop chain=VIRUS comment="SubSeven Apocalypse" disabled=no \
    dst-port=1243 protocol=tcp
    add action=drop chain=VIRUS comment=Syphillis disabled=no dst-port=10086 \
    protocol=tcp
    add action=drop chain=VIRUS comment="TCP Wrappers" disabled=no dst-port=421 \
    protocol=tcp
    add action=drop chain=VIRUS comment=TeleCommando disabled=no dst-port=61466 \
    protocol=tcp
    add action=drop chain=VIRUS comment="The Invasor" disabled=no dst-port=2140 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=3150 protocol=tcp
    add action=drop chain=VIRUS comment="The Prayer" disabled=no dst-port=2716 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=9999 protocol=tcp
    add action=drop chain=VIRUS comment="The Spy" disabled=no dst-port=40412 \
    protocol=tcp
    add action=drop chain=VIRUS comment="The Thing" disabled=no dst-port=6000 \
    protocol=tcp
    add action=drop chain=VIRUS comment="The Thing" disabled=no dst-port=6400 \
    protocol=tcp



  5. #5
    Avatar de felixhmakowski
    Ingresso
    Feb 2009
    Localização
    Pitanga, Parana, Brazil, Brazil
    Posts
    171

    Padrão

    add action=drop chain=VIRUS comment="The Traitor" disabled=no dst-port=65432 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=65432 protocol=\
    udp
    add action=drop chain=VIRUS comment="The Trojan Cow" disabled=no dst-port=\
    2001 protocol=tcp
    add action=drop chain=VIRUS comment="The Unexplained" disabled=no dst-port=\
    29891 protocol=udp
    add action=drop chain=VIRUS comment="Tiny Telnet Server" disabled=no \
    dst-port=34324 protocol=tcp
    add action=drop chain=VIRUS comment=TransScout disabled=no dst-port=1999-2005 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=9878 protocol=tcp
    add action=drop chain=VIRUS comment=Trinoo disabled=no dst-port=34555 \
    protocol=udp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=35555 protocol=\
    udp
    add action=drop chain=VIRUS comment="Ugly FTP" disabled=no dst-port=23456 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Ultor's Trojan" disabled=no dst-port=\
    1234 protocol=tcp
    add action=drop chain=VIRUS comment=Vampire disabled=no dst-port=1020 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Vampyre " disabled=no dst-port=6669 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Virtual Hacking Machine " disabled=no \
    dst-port=4242 protocol=tcp
    add action=drop chain=VIRUS comment=Voice disabled=no dst-port=1170 protocol=\
    tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=4000 protocol=tcp
    add action=drop chain=VIRUS comment="Voodoo Doll" disabled=no dst-port=1245 \
    protocol=tcp
    add action=drop chain=VIRUS comment="Wack-a-mole " disabled=no dst-port=\
    12361-12362 protocol=tcp
    add action=drop chain=VIRUS comment="Web Ex" disabled=no dst-port=1001 \
    protocol=tcp
    add action=drop chain=VIRUS comment=WhackJob disabled=no dst-port=12631 \
    protocol=tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=23456 protocol=\
    tcp
    add action=drop chain=VIRUS comment=WinHole disabled=no dst-port=1080-1082 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Xplorer disabled=no dst-port=2300 \
    protocol=tcp
    add action=drop chain=VIRUS comment=Xtcp disabled=no dst-port=5550 protocol=\
    tcp
    add action=drop chain=VIRUS comment=YAT disabled=no dst-port=37651 protocol=\
    tcp
    add action=drop chain=BOGONS comment="BLOQUEIO DE IPS BOGONS//////////////////\
    //////////////////////////////////////////////////////////////////////////\
    /////////////////////////////////////////////////" disabled=no \
    src-address=0.0.0.0/8
    add action=drop chain=BOGONS comment="" disabled=no dst-address=0.0.0.0/8
    add action=drop chain=BOGONS comment="" disabled=no src-address=127.0.0.0/8
    add action=drop chain=BOGONS comment="" disabled=no dst-address=127.0.0.0/8
    add action=drop chain=BOGONS comment="" disabled=no src-address=224.0.0.0/3
    add action=drop chain=BOGONS comment="" disabled=no dst-address=224.0.0.0/3

  6. #6

    Padrão

    tantas regras... se eu colocar isto no meu mk trava! rsrsrs

    valeu pelo post....

    até mais...



  7. #7

    Padrão

    Citação Postado originalmente por felixhmakowski Ver Post
    /ip firewall filter
    add action=accept chain=input comment="Accept winbox" disabled=no dst-port=\
    8291 protocol=tcp
    add action=drop chain=input comment="BLOQUEIA SCAN PELO WINBOX" disabled=no \
    dst-port=5678 protocol=udp
    add action=drop chain=input comment="bloqueio do proxy externo" disabled=no \
    dst-port=3528 in-interface=redenetworks protocol=tcp
    add action=drop chain=forward comment="" disabled=no dst-port=3528 \
    in-interface=redenetworks protocol=tcp
    add action=drop chain=output comment="" disabled=no dst-port=3528 \
    out-interface=redenetworks protocol=tcp
    add action=drop chain=input comment="" disabled=no dst-port=3528 \
    in-interface=copel protocol=tcp
    add action=drop chain=forward comment="" disabled=no dst-port=3528 \
    in-interface=copel protocol=tcp
    add action=drop chain=output comment="" disabled=no dst-port=3528 \
    out-interface=copel protocol=tcp
    add action=accept chain=input comment="ACEITAR CONEXOES PROXY" disabled=no \
    dst-port=3528 in-interface=clientes protocol=tcp
    add action=drop chain=forward comment=\
    "Limitando numero conexoes simultaneas para 30 conecxao REDE CLIENTE" \
    connection-limit=50,32 disabled=no in-interface=clientes packet-mark=\
    !semlimite protocol=tcp tcp-flags=syn
    add action=jump chain=input comment=\
    "REPASSA TRAFEGO PARA VERIFICASAO DE PORTAS" disabled=no jump-target=\
    "P2P E PORTAS"
    add action=jump chain=forward comment="" disabled=no jump-target=\
    "P2P E PORTAS"
    add action=jump chain=input comment="REPASSA TRAFEGO PARA CANAL VIRUS" \
    disabled=no jump-target=VIRUS
    add action=jump chain=forward comment="" disabled=no jump-target=VIRUS
    add action=jump chain=input comment="BLOQUEIO DE IPS BOGONS" disabled=no \
    jump-target=BOGONS
    add action=jump chain=forward comment="" disabled=no jump-target=BOGONS
    add action=accept chain=input comment="ACEITA CONECSAO NOVAS" \
    connection-state=new disabled=no
    add action=accept chain=forward comment="" connection-state=new disabled=no
    add action=accept chain=input comment="ACEITA CONECSAO ESTABELECIDA" \
    connection-state=established disabled=no
    add action=accept chain=forward comment="" connection-state=established \
    disabled=no
    add action=accept chain=input comment="ACEITA CONECSAO RELACIONADAS" \
    connection-state=related disabled=no
    add action=accept chain=forward comment="" connection-state=related disabled=\
    no
    add action=accept chain="P2P E PORTAS" comment="PORTAS E P2P /////////////////\
    //////////////////////////////////////////////////////////////////////////\
    /////////////////////////////////////////////////////" disabled=no \
    dst-port=6346-6349 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment=FTP disabled=no dst-port=21 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="OUTLOOK EXPRESS" disabled=no \
    dst-port=110 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment=DNS disabled=no dst-port=53 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment=E-MAIL disabled=no dst-port=25 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="portas do ITR" disabled=no \
    dst-port=5636 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=5636 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=5653 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=5653 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=3456 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="autentica\E7\E3o do MSN" \
    disabled=no dst-port=1863 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=1853 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment=skipe disabled=no dst-port=\
    30369 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="PORTAS DO KAZAA" disabled=no \
    dst-port=1214 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="PORTAS DO E-MULE" disabled=no \
    dst-port=4662 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=4662 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=\
    6346-6348 protocol=udp
    add action=accept chain="P2P E PORTAS" comment="PORTAS DO BITTORRENT" \
    disabled=no dst-port=6881-6889 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=\
    6881-6889 protocol=udp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=1214 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="PORTAS RANDON DO BIT TORRENT" \
    disabled=no dst-port=57792 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=57792 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="porta servidor CS" disabled=\
    no dst-port=27015 protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27015 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27017 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27017 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27018 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27018 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27019 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27019 \
    protocol=udp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27060 \
    protocol=tcp
    add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27060 \
    protocol=udp
    add action=drop chain="P2P E PORTAS" comment="BLOQUEIA NETBIOS TCP" disabled=\
    no dst-port=137-139 protocol=tcp src-port=137-139
    add action=drop chain="P2P E PORTAS" comment="" disabled=no dst-port=445 \
    protocol=tcp src-port=445
    add action=drop chain="P2P E PORTAS" comment="BLOQUEIA NETBIOS UDP" disabled=\
    no dst-port=137-139 protocol=udp src-port=137-139
    add action=drop chain="P2P E PORTAS" comment="" disabled=no dst-port=445 \
    protocol=udp src-port=445
    add action=accept chain="P2P E PORTAS" comment="ALL P2P" disabled=no p2p=\
    all-p2p
    add action=drop chain=VIRUS comment="LISTA DE VIRUS///////////////////////////\
    //////////////////////////////////////////////////////////////////////////\
    ////////////////////////////////////////////////////" disabled=no \
    protocol=tcp src-port=445
    add action=drop chain=VIRUS comment="" disabled=no dst-port=445 protocol=tcp
    add action=drop chain=VIRUS comment="Drop Blaster Worm" disabled=no protocol=\
    udp src-port=445
    add action=drop chain=VIRUS comment="Drop Blaster Worm" disabled=no dst-port=\
    445 protocol=udp
    add action=drop chain=VIRUS comment="" disabled=no protocol=tcp src-port=\
    135-139
    add action=drop chain=VIRUS comment="" disabled=no protocol=udp src-port=\
    135-139
    add action=drop chain=VIRUS comment="" disabled=no dst-port=135-139 protocol=\
    tcp
    add action=drop chain=VIRUS comment="" disabled=no dst-port=135-139 protocol=\
    udp
    add action=drop chain=VIRUS comment=________ disabled=no dst-port=593 \
    protocol=tcp
    add action=drop chain=VIRUS comment=________ disabled=no dst-port=1024-1030 \
    protocol=tcp
    So para tirar um 10: poderia ser comentado

  8. #8
    Avatar de felixhmakowski
    Ingresso
    Feb 2009
    Localização
    Pitanga, Parana, Brazil, Brazil
    Posts
    171

    Padrão

    Certo...
    as regras acima cria no filter canais ( VIRUS, BOGONGS E P2P E PORTAS)
    com esses canais fica facil identificar as regras pra bloqueio de virus e as outras regras...



  9. #9
    Avatar de kyanbatera
    Ingresso
    Jun 2008
    Localização
    Vila Velha, Brazil, Brazil
    Posts
    132
    Posts de Blog
    1

    Padrão

    Olá amigos do under-Linux
    eu sempre tive um duvida sobre esse excesso de regras no MK isso não atrapalha em nada a navegação dos clientes não?

    precisa mesmo colocar essa monte de bloqueio de virus????

    pois aqui no meu provedor não nada disso, só uso as regras de controle P2P e proxy.

  10. #10

    Padrão

    Para min entender é só eu pegar esses codigos colocar no New Terminal da MK, e basicamente para que serve



  11. #11
    Avatar de felixhmakowski
    Ingresso
    Feb 2009
    Localização
    Pitanga, Parana, Brazil, Brazil
    Posts
    171

    Padrão

    serve pra bloquear virus que ficao se multiplicando na rede infectando o pc do cliente e fodendo com o proverdor todo...
    tambem serve pra bloqueio de proxy externo e possiveis temtativas de invasao...

  12. #12



  13. #13

    Padrão ajuda

    ola Felix ve se vc pode me ajudar estou sofrendo ataques por ssh, gostaria de saber se vc sabe como mudar a porta do ssh e do telnet do meu mikrotik 433AH. abri um topico mais ate agora não obtive resposta https://under-linux.org/f132383-eroo...-mikrotik-help, se vc puder me ajudar com algumas dicas ficarei grato.

  14. #14
    Avatar de kyanbatera
    Ingresso
    Jun 2008
    Localização
    Vila Velha, Brazil, Brazil
    Posts
    132
    Posts de Blog
    1

    Padrão

    Citação Postado originalmente por william Ver Post
    ola Felix ve se vc pode me ajudar estou sofrendo ataques por ssh, gostaria de saber se vc sabe como mudar a porta do ssh e do telnet do meu mikrotik 433AH. abri um topico mais ate agora não obtive resposta https://under-linux.org/f132383-eroo...-mikrotik-help, se vc puder me ajudar com algumas dicas ficarei grato.

    olá amigo para vc mudar a porta dos serviços vá em:
    IP e depois Services e lá tem todos os serviços é só mudar.


    forte abraço.



  15. #15
    Avatar de felixhmakowski
    Ingresso
    Feb 2009
    Localização
    Pitanga, Parana, Brazil, Brazil
    Posts
    171

    Padrão

    ip- service- ai vc moda a porta do ssh e telnet...
    caso de erro aconselho a desabilitar deixa so o www e o winbox , aconselho a vc mudar a porta do www. porta pra ssh-5000

  16. #16

    Padrão

    Porque todas as regras que vejo aqui tem que ser drop , o reject nao ajuda ? , melhor dizer que tem um firewall que ele fcar tentando direto .


    Alguem poderia me explicar porque nao reject ?



  17. #17
    Avatar de felixhmakowski
    Ingresso
    Feb 2009
    Localização
    Pitanga, Parana, Brazil, Brazil
    Posts
    171

    Padrão

    por questoes de segurança prefiro nao mostrar ao usuario que te um firewall bloqueando ele... Vai que o individuo entende de linux e resolve ataca meu servidor... Ja passei por isso nao é nada agradavel...

  18. #18

    Padrão

    OK entendi , masi tambem se ele entender de linux ele logo vai sacar tb que vc tem um firewall dropando os pacotes e nao dando resposta como o reject , entao elas por elas , ou nao ?



  19. #19
    Avatar de felixhmakowski
    Ingresso
    Feb 2009
    Localização
    Pitanga, Parana, Brazil, Brazil
    Posts
    171

    Padrão

    olha depende muito do ponto de vista de cada um, no meu caso foi melhor assim mas pra todas as circunstacias da na mesma. drop ou reject

  20. #20

    Padrão

    Amigo, só pra ver se entendi tua estrutura:
    A interface redenetworks você recebe seu link, seria a interface publica, a que sai para net

    A interface copel é a da sua rede interna, seria a que você esta utilizando para os clientes ou para os computadores dentro de sua empresa.

    Seria isso mesmo ? São apenas essas duas ou eu nao percebi alguma outra ?