Results 1 to 15 of 21
  1. #1
    bramand (Newbie)

    Anti Virus for MikroTik

    I got this from Mas Yoyok Riawan's blog:

    ANTI VIRUS FOR MIKROTIK:
    /ip firewall filter
    add chain=forward action=jump jump-target=virus comment="jump to the virus chain"

    add chain=forward protocol=icmp comment="allow ping"
    add chain=forward protocol=udp comment="allow udp"
    add chain=forward action=drop comment="drop everything else"

    Has anyone tried it? Or can anyone explain the logic?
    If it really can prevent viruses from getting in, that would be great..

  2. #2
    [a] (Administrator)
    The rules that were pasted aren't complete...

    and what is meant by the rules above is not an anti-virus for MikroTik... MikroTik so far hasn't needed an anti-virus (and hopefully never will)...

    what the script above is, is a collection of firewall rules to prevent the spread of viruses whose patterns we already know... so for example, if there is a virus/worm/trojan known to use certain ports in the process of duplicating itself, we can of course prevent it from getting into/out of our network...

    the rules above are not an anti-virus that can eradicate the virus itself... to eradicate and prevent viruses, we still need an anti-virus on our hosts...

    hope that's clear...

  3. #3
    rasta4rest (Newly Joined)
    ohh... so that's how it is, Om Admin
    let's hope it really never needs an antivirus...
    so what do the complete rules look like, Om?

  4. #4
    nux (Member)
    exactly right, admin..
    so the rules above are not an antivirus for the MikroTik system itself, but rules to fortify (firewall) against the ports/protocols of various kinds of viruses, trojans and the like that could potentially endanger/damage the network/client systems. Say we want to block a backdoor application whose port & protocol we already know,
    for example the BackDoor-QE program, which operates on port 10452 over TCP:

    /ip firewall filter
    add chain=forward protocol=tcp dst-port=10452 action=drop comment="BackDoor-QE" \
    disabled=no
    here is a list of ports & protocols worth being suspicious of, it's not up to date though.....
    2000 Cracks 6776 TCP
    Acid Battery 32418 TCP
    Acid Battery 2000 52317 TCP
    Acid Shivers 10520 TCP
    Agent 31 31 TCP
    Agent 40421 40421 TCP
    Aim Spy 777 TCP
    Ajan 25 TCP
    Ambush 10666 UDP
    AntiGen 25 TCP
    AOL Trojan 30029 TCP
    Attack FTP 666 TCP
    Back Construction 666/5400/5401 TCP
    Back Door Setup 5000/5001/7789 TCP
    Back Orifice 31337/31338 UDP
    Back Orifice 2000 8787/54320/54321 TCP
    Back Orifice DLL 1349 UDP
    BackDoor 1999 TCP
    BackDoor-G 1243/6776 TCP
    BackDoor-QE 10452 TCP
    BackDoor-QO 3332 TCP
    BackDoor-QR 12973/12975 TCP
    BackFire 31337 UDP
    Baron Night 31337 TCP
    Big Gluck (TN) 34324 TCP
    BioNet 12349 TCP
    Bla 1042/20331 TCP
    Black Construction 21 TCP
    Blade Runner 21/5400-5402 TCP
    BO client 31337 TCP
    BO Facil 5556/5557/31337 TCP
    Bo Wack 31336 TCP
    BoBo 4321 TCP
    BOWhack 31666 TCP
    BrainSpy 10101 TCP
    Bubbel 5000 TCP
    BugBear 36794 TCP
    Bugs 2115 TCP
    Bunker-Hill 61348/61603/63485 TCP
    Cain e Abel 666 TCP
    Chargen 9 UDP
    Chupacabra 20203 TCP
    Coma 10607 TCP
    Cyber Attacker 9876 TCP
    Dark Shadow 911 TCP
    Death 2 TCP
    Deep Back Orifice 31338 UDP
    Deep Throat 41/2140/3150/6771 TCP
    Deep Throat v2 2140/3150/6670/6711/60000 TCP
    Deep Throat v3 6674 TCP
    DeepBO 31337 UDP
    DeepThroat 999 TCP
    Delta Source 26274 UDP
    Delta Source 47262 UDP
    Der Spacher 3 1000/1001/2000/2001 TCP
    Devil 65000 TCP
    Digital RootBeer 2600 TCP
    DMsetup 58/59 TCP
    DNS 53 TCP
    Doly Trojan 21/1010-1012/1015 TCP
    Donald Dick 23476/23477 TCP
    DRAT 48/50 TCP
    DUN Control 12623 UDP
    Eclipse 2000 3459 TCP
    Eclypse 3801 UDP
    Email Password Sender 25 TCP
    Evil FTP 23456 TCP
    Executer 80 TCP
    File Nail 4567 TCP
    Firehotcker 79/5321 TCP
    Fore 21/50766 TCP
    FTP - Trojan 21 TCP
    FTP99cmp 1492 TCP
    Gaban Bus 12345/12346 TCP
    Gate Crasher 6969/6970 TCP
    GirlFriend 21554 TCP
    Gjamer 12076 TCP
    Hack '99 KeyLogger 12223 TCP
    Hack 'a' Tack 31780/31785/31787-31789 TCP
    Hack 'a' Tack 31791/31792 UDP
    HackCity Ripper Pro 2023 TCP
    Hackers Paradise 31/456 TCP
    HackOffice 8897 TCP
    Haebu Coceda 25 TCP
    Happy 99 25/119 TCP
    Hidden Port 99 TCP
    Hooker 80 TCP
    Host Control 6669/11050 TCP
    HVL Rat5 2283 TCP
    icKiller 7789 TCP
    ICQ 1027/1029/1032 TCP
    ICQ Revenge 16772/19864 TCP
    ICQ Trojan 4590 TCP
    Illusion Mailer 2155/5512 TCP
    InCommand 9400 TCP
    Indoctrination 6939 TCP
    Infector 146 TCP
    Infector 146 UDP
    iNi-Killer 555/9989 TCP
    Insane Network 2000 TCP
    Invisible FTP 21 TCP
    IRC-3 6969 TCP
    JammerKillah 121 TCP
    Kazimas 113/7000 TCP
    Kuang2 25/17300/30999 TCP
    Larva 21 TCP
    Logged 20203 TCP
    Masters' Paradise 31/3129/40421-40423/40425-40426 TCP
    Mavericks Matrix 1269 TCP
    Millenium 20000-20001 TCP
    MiniCommand 1050 TCP
    Mosucker 16484 TCP
    Nephron 17777 TCP
    Net Administrator 21/555 TCP
    Net Controller 123 TCP
    Netbios datagram (DoS Attack) 138 TCP
    Netbios name (DoS Attack) 137 TCP
    Netbios session (DoS Attack) 139 TCP
    NetBus 12345-12346 TCP
    NetBus Pro 20034 TCP
    NetMetropolitan 5031 TCP
    NetMonitor 7300-7301/7306-7308 TCP
    NetRaider 57341 TCP
    NETrojan 1313 TCP
    NetSphere 30100-30103 TCP
    NetSpy 1024/1033/31338-31339 TCP
    NewApt 25 TCP
    NoBackO 1200-1201 UDP
    One of the Last Trojan (OOTLT) 5011 TCP
    OpC BO 1969 TCP
    PC Crasher 5637-5638 TCP
    Phase Zero 555 TCP
    Phineas Phucker 2801 TCP
    Pie Bill Gates 12345 TCP
    Portal of Doom 3700/9872-9875 TCP
    Portal of Doom 10067/10167 UDP
    Priority 6969/16969 TCP
    Progenic 11223 TCP
    ProMail Trojan 25/110 TCP
    Prosiak 22222/33333 TCP
    Psyber Stream Server 1024/1170/1509/4000 TCP
    Rasmin 531/1045 TCP
    RAT 1095/1097-1099/2989 TCP
    RC 65535 TCP
    Rcon 8989 TCP
    Remote Grab 7000 TCP
    Remote Windows Shutdown 53001 TCP
    RingZero 80/3128/8080 TCP
    Robo-Hack 5569 TCP
    Satanz backDoor 666 TCP
    ScheduleAgent 6667 TCP
    School Bus 54321 TCP
    Schwindler 21554/50766 TCP
    Secret Agent 11223 TCP
    Secret Service 605/6272 TCP
    Senna Spy FTP Server 21/11000/13000 TCP
    ServeMe 5555 TCP
    ServeU 666 TCP
    Shadow Phyre 666 TCP
    Shit Heep 6912 TCP
    ShockRave 1981 TCP
    Shtirlitz 25 TCP
    Sivka-Burka 1600 TCP
    SK Silencer 1001 TCP
    Socket25 30303 TCP
    Sockets de Troie 5000-5001/30303/50505 TCP
    SoftWAR 1207 TCP
    Spirit 2001a 33911 TCP
    SpySender 1807 TCP
    Stealth 25 TCP
    Stealth Spy 555 TCP
    Streaming Audio trojan 1170 TCP
    Striker 2565 TCP
    SubSeven 1243/2773/6711-6713/6776/7000/7215/27374/27573/54283 TCP
    SubSeven Apocalypse 1243 TCP
    Syphillis 10086 TCP
    Tapiras 25 TCP
    TCP Wrappers 421 TCP
    TeleCommando 61466 TCP
    Terminator 25 TCP
    Terror Trojan 3456 TCP
    The Invasor 2140/3150 TCP
    The Prayer 2716/9999 TCP
    The Spy 40412 TCP
    The Thing 6000/6400 TCP
    The Traitor 65432 TCP
    The Traitor 65432 UDP
    The Trojan Cow 2001 TCP
    The Unexplained 29891 UDP
    Tiny Telnet Server 23/34324 TCP
    TransScout 1999-2005/9878 TCP
    Trinoo 34555/35555 UDP
    Truva Atl 23 TCP
    Ugly FTP 23456 TCP
    Ultor's Trojan 1234 TCP
    Vampire 1020 TCP
    Vampyre 6669 TCP
    Virtual Hacking Machine 4242 TCP
    Voice 1024/1170/4000 TCP
    Voodoo Doll 1245 TCP
    Wack-a-mole 12361-12362 TCP
    Web Ex 21/1001 TCP
    WhackJob 12631/23456 TCP
    WinCrash 21/2583/3024/4092/5714/5741-5742 TCP
    WinGate (socks-proxy) 1080 TCP
    WinHole 1080/1082 TCP
    WinNuke 135/139 TCP
    WinPC 25 TCP
    WinSatan 999 TCP
    WinSpy 25 TCP
    X-bill 12345-12346 TCP
    Xplorer 2300 TCP
    Xtcp 5550 TCP
    Xtreme 1090 TCP
    YAT 37651
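
The jump rule in the first post sends forwarded traffic to a `virus` chain whose contents were not pasted, and rows like those in the list above could populate it. This is an added example (not part of nux's post or of the blog script) that converts such rows into RouterOS drop rules and leaves out ports in `IN_USE`, an assumed set of ports the network needs for real services; the function names are also assumptions, and the sample rows are copied from the list.

```python
import re

# Constructed sample: rows copied from the list; the last one lacks a protocol.
SAMPLE = """\
BackDoor-QE 10452 TCP
Back Orifice 31337/31338 UDP
Doly Trojan 21/1010-1012/1015 TCP
Executer 80 TCP
YAT 37651
"""

ROW = re.compile(r"^(.+?)\s+(\d+(?:-\d+)?(?:/\d+(?:-\d+)?)*)\s+(TCP|UDP)$")

# Assumption: ports this network uses for real services. Dropping them in
# the forward chain would cut off FTP, mail, DNS and web for every client.
IN_USE = {21, 25, 53, 80, 110}

def bounds(spec):
    """'5400-5402' -> (5400, 5402); '21' -> (21, 21)."""
    lo, _, hi = spec.partition("-")
    return int(lo), int(hi or lo)

def build_rules(text, chain="virus", in_use=IN_USE):
    """Return (rules, skipped): RouterOS lines and the reasons for omissions."""
    rules, skipped = ["/ip firewall filter"], []
    for line in filter(None, (l.strip() for l in text.splitlines())):
        m = ROW.match(line)
        if not m:
            skipped.append((line, "unparsed row"))
            continue
        name, ports, proto = m.groups()
        keep = []
        for spec in ports.split("/"):
            lo, hi = bounds(spec)
            if not 1 <= lo <= hi <= 65535:
                skipped.append((line, f"bad port {spec}"))
            elif any(lo <= p <= hi for p in in_use):
                skipped.append((line, f"port {spec} carries legitimate traffic"))
            else:
                keep.append(spec)
        if keep:
            comment = re.sub(r'["\\$]', "", name)  # keep the quoted string intact
            rules.append(f"add chain={chain} protocol={proto.lower()} "
                         f'dst-port={",".join(keep)} action=drop comment="{comment}"')
    return rules, skipped

if __name__ == "__main__":
    for part in build_rules(SAMPLE):
        print(*part, sep="\n")
```

Rows that cannot be parsed, such as the final `YAT 37651` entry with no protocol, are returned in `skipped` rather than guessed at.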

  5. #5
    [a] (Administrator)
    ^^ that's a lot to be suspicious of...

    btw, do you put all of these into your firewall, bro?

  6. #6
    Akangage (Administrator)
    Whoa.... it would be exhausting to enter them one by one, but I think there are some that Akang needs

  7. #7
    nux (Member)
    Originally Posted by [a]:
        btw, do you put all of these into your firewall, bro?
    nah bro, only certain ones..

  9. #8
    Akangage (Administrator)
    Wow... I thought you had put them all in

  10. #9
    nux (Member)
    I only close the ports that are commonly used for exploits..

  11. #10
    rasta4rest (Newly Joined)
    so which ones are usually the targets for exploits?

    sorry, I'm a newbie here

  12. #11
    nux (Member)
    usually 135-139, 445 tcp/udp >> Windows' NetBIOS is often used as a backdoor..

  14. #12
    rasta4rest (Newly Joined)
    okay, thank you very much

  15. #13
    fianprasetia (Member)
    still confused by the explanation above about antivirus for MikroTik

  16. #14
    iyou (Member)
    As far as I know there is no anti-virus for MikroTik...
    what's above is just a script to block or drop the traffic of viruses that are uploading and downloading.

    When a virus uploads and downloads (whatever it is that is being uploaded and downloaded), the bandwidth we have gets drained and the connection becomes slow; this causes the traffic on our router to go wild.... as a result the router's memory is overwhelmed, because it is being fed more data than it can handle....

    hehehe.... hope this helps...

  18. #15
    fianprasetia (Member)
    Originally Posted by iyou:
        As far as I know there is no anti-virus for MikroTik...
        what's above is just a script to block or drop the traffic of viruses that are uploading and downloading.

        When a virus uploads and downloads (whatever it is that is being uploaded and downloaded), the bandwidth we have gets drained and the connection becomes slow; this causes the traffic on our router to go wild.... as a result the router's memory is overwhelmed, because it is being fed more data than it can handle....

        hehehe.... hope this helps...
    which is more efficient: using copfilter (clamav) on the web proxy or the script above, or combining the script above with installing copfilter on the web proxy?

 

 