+ Responder ao Tópico



  1. #1

    Padrão bloqueio de vírus e worms pelo MT

    bom dia pessoal..


    seguinte...alguem tem algum tipo de controle de vírus e worms pelo mt...se sim gostaria de saber se isso eh útil e funga bem...pois vi algo no demo do mt..e fiquei bem interessado...naum se isso ajuda em alguma coisa..mas acredito q sim..
    se alguem tiver alguma coisa mais ou menos pronta e tiver afim de ajudar os colegas...poste ae...

    agradeço a qq ajuda...flwssss

  2. #2
    marcelons
    Visitante

    Padrão Re: bloqueio de vírus e worms pelo MT

    Rapaz, eu vi isso aqui mesmo e implementei no meu server. São regras de firewall

    [admin@DilSE] ip firewall filter> print
    Flags: X - disabled, I - invalid, D - dynamic
    0 ;;; LIBERA PARA SITES DA EMPRESA
    chain=forward protocol=tcp src-port=0-65535 dst-port=0-65535
    src-address-list=DIRETRIZ action=accept

    1 ;;; LIBERA PARA ACESSO AO MSN
    chain=forward protocol=tcp src-port=0-65535 dst-port=0-65535 src-address-list=MSN
    action=accept

    2 ;;; LIBERA PARA BANCOS
    chain=forward protocol=tcp src-port=0-65535 dst-port=0-65535
    src-address-list=BANCO action=accept

    3 ;;; LIBERANDO AS PORTAS PARA CONEX O
    chain=input src-address=0.0.0.0/0 protocol=tcp dst-port=3987 action=accept

    4 chain=forward protocol=udp dst-port=53 action=accept

    5 chain=forward protocol=tcp dst-port=53 action=accept

    6 chain=input src-address=0.0.0.0/0 protocol=tcp dst-port=80 action=accept

    7 chain=input src-address=0.0.0.0/0 protocol=tcp dst-port=8291 action=accept

    8 chain=input protocol=udp action=accept

    9 chain=input src-address=192.168.100.0/24 protocol=tcp dst-port=3142 action=accept

    10 chain=input src-address=192.168.100.0/24 protocol=tcp dst-port=3128 action=accept

    11 chain=forward src-address=192.168.100.0/24 protocol=tcp dst-port=3987 action=accept

    12 chain=forward src-address=192.168.100.0/24 protocol=tcp dst-port=3142 action=accept

    13 chain=forward src-address=192.168.100.0/24 protocol=tcp dst-port=3128 action=accept

    14 chain=input src-address=192.168.100.0/24 dst-address=0.0.0.0 protocol=tcp
    dst-port=1360 action=accept

    15 chain=forward src-address=192.168.100.0/24 dst-address=0.0.0.0 protocol=tcp
    dst-port=1360 action=accept

    16 chain=input src-address=0.0.0.0/0 protocol=tcp dst-port=8080 action=accept

    17 chain=forward src-address=0.0.0.0/0 protocol=tcp dst-port=8080 action=accept

    18 chain=forward src-address=192.168.100.0/24 dst-address=0.0.0.0 action=accept

    19 chain=forward src-address=0.0.0.0/0 dst-address=192.168.100.0/24
    connection-state=related action=accept

    20 chain=forward src-address=192.168.100.0/24 dst-address=0.0.0.0 action=accept

    21 chain=forward src-address=0.0.0.0 dst-address=192.168.100.0/24
    connection-state=related action=accept

    22 chain=forward connection-state=established action=accept

    23 chain=forward protocol=udp action=accept

    24 chain=forward src-address=192.168.100.0/24 dst-address=0.0.0.0 protocol=udp
    action=accept

    25 chain=input src-address=192.168.100.0/24 dst-address=0.0.0.0 protocol=udp
    action=accept

    26 chain=forward src-address=192.168.100.0/24 dst-address=0.0.0.0 protocol=tcp
    action=accept

    27 chain=input src-address=192.168.100.0/24 dst-address=0.0.0.0 protocol=tcp
    action=accept

    28 ;;; OUTROS BLOQUEIOS DE PORTAS
    chain=forward protocol=tcp src-port=0-65535 dst-port=0-65535 action=drop

    29 chain=input connection-state=invalid action=drop

    30 chain=forward action=drop

    31 ;;; BLOQUEAR VIRUS CONHECIDOS
    chain=virus protocol=tcp dst-port=135-139 action=drop

    32 chain=virus protocol=udp dst-port=135-139 action=drop

    33 chain=virus protocol=tcp dst-port=445 action=drop

    34 chain=virus protocol=udp dst-port=445 action=drop

    35 chain=virus protocol=tcp dst-port=593 action=drop

    36 chain=virus protocol=tcp dst-port=1024-1030 action=drop

    37 chain=virus protocol=tcp dst-port=1080 action=drop

    38 chain=virus protocol=tcp dst-port=1214 action=drop

    39 chain=virus protocol=tcp dst-port=1363 action=drop

    40 chain=virus protocol=tcp dst-port=1364 action=drop

    41 chain=virus protocol=tcp dst-port=1373 action=drop

    42 chain=virus protocol=tcp dst-port=1377 action=drop

    43 chain=virus protocol=tcp dst-port=1368 action=drop

    44 chain=virus protocol=tcp dst-port=1433-1434 action=drop


    ----- Só não peguei o nome dos vírus, mas aqui mesmo ja tem uma postagem com os nome... falow :-D