Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 3 of 3 FirstFirst 123
Results 31 to 42 of 42
  1. #31
    Status
    Offline
    Shoot Net's Avatar
    Baru Gabung
    Join Date
    Feb 2013
    Posts
    1
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    untuk mikrotik dial ppoe bisa gan?

  2. #32
    Status
    Offline
    romi poetra minang's Avatar
    Calon Member
    Join Date
    Oct 2013
    Location
    Padang - Sumatera Barat
    Posts
    72
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ane sekarang gunain ip static.. dulunya ppoe, cuma sering error di clientnya... kenapa itu y..?? Click here to enlarge

  3. #33
    Status
    Offline
    r3zal04's Avatar
    Newbie
    Join Date
    Oct 2008
    Posts
    32
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    waduh.... ane salah isiin namanya di ip list.... seharusnya local-addr

    gmn car masuk lagi ke winbox gan ?

    ke blok semua ne..... hadeh....

    Solved: untuk msh bs masuk dari Mac address local link... Click here to enlarge
    Last edited by r3zal04; 18-11-2013 at 10:48.

  4. #34
    Status
    Offline
    r3zal04's Avatar
    Newbie
    Join Date
    Oct 2008
    Posts
    32
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by Adhiefree Click here to enlarge
    klu masalah seperti itu berarti gan harus masukkin ip publik untuk meremote. Click here to enlarge
    ip public juga tidak bs kita remote MT klo di list address tidak ada... ip public

    untung msh bs login pake Mac address..klo tidak mesti manjat tower 40M Click here to enlarge

  5. #35
    Status
    Offline
    Tri Bilondatu's Avatar
    Baru Gabung
    Join Date
    Feb 2014
    Location
    Manado-Tua, Sulawesi Utara, Indonesia, Indonesia
    Posts
    6
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    patut di coba Click here to enlarge

  6. #36
    Status
    Offline
    StudyHolic's Avatar
    Baru Gabung
    Join Date
    Feb 2012
    Posts
    5
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    udah saya coba berhasil makasih Click here to enlarge

    sekalian tanya sorry kalo oot
    kalo untuk seting ip tertentu aja yang bisa akses server itu gimana yah
    jadi cuma ip tertentu aja yang bisa akses root

    seting di mikrotik atau di linuxnya yah ? Click here to enlarge

    makasih Click here to enlarge

  7. #37
    Status
    Offline
    c0nf's Avatar
    Contributor
    Join Date
    Jul 2007
    Location
    Bandung, Indonesia
    Posts
    1,816
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Linux.
    Cari di sshd config dan sudo..

    Click here to enlarge Originally Posted by StudyHolic Click here to enlarge
    udah saya coba berhasil makasih Click here to enlarge

    sekalian tanya sorry kalo oot
    kalo untuk seting ip tertentu aja yang bisa akses server itu gimana yah
    jadi cuma ip tertentu aja yang bisa akses root

    seting di mikrotik atau di linuxnya yah ? Click here to enlarge

    makasih Click here to enlarge


    Sent from my GT-I9082 using Tapatalk
    Invisible...

  8. #38
    Status
    Offline
    harisa's Avatar
    Baru Gabung
    Join Date
    May 2011
    Posts
    6
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    baguss bangett. ijin nyobain gan

  9. #39
    Status
    Offline
    Anam's Avatar
    Newbie
    Join Date
    Apr 2014
    Location
    City of Heroes
    Posts
    35
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Ikutan nyoba resep jamu'ny gan...
    Thx gan Click here to enlarge

  10. #40
    Status
    Offline
    Anam's Avatar
    Newbie
    Join Date
    Apr 2014
    Location
    City of Heroes
    Posts
    35
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Mantep neh, ijin nyimak gan..

  11. #41
    Status
    Offline
    zyrax's Avatar
    Baru Gabung
    Join Date
    Mar 2015
    Posts
    1
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by adh1et Click here to enlarge
    Berikut ini adalah hasil dari beberapa threat dan pengembangan saya sendiri, semoga membantu temen" di sini untuk melindungi mikrotik...

    pertama" buat dulu address list dengan nama local-addr, di sini masukin list ip yang boleh mengakses mikrotik..

    kemudian :
    Code:
    /ip firewall filter
    add action=reject chain=input disabled=yes protocol=icmp reject-with=\
        icmp-network-unreachable
    add action=drop chain=forward comment="Filter - Traceroute" disabled=yes \
        icmp-options=11:0 protocol=icmp
    add action=drop chain=forward disabled=yes icmp-options=3:3 protocol=icmp
    add action=add-src-to-address-list address-list=WARN-FTP \
        address-list-timeout=4w2d chain=input comment="Filter - Wan Access FTP" \
        disabled=no dst-port=21 protocol=tcp src-address-list=!local-addr
    add action=drop chain=input disabled=no src-address-list=WARN-FTP
    add action=accept chain=input disabled=no dst-port=21 protocol=tcp \
        src-address-list=local-addr
    add action=add-src-to-address-list address-list=WARN-SSH \
        address-list-timeout=4w2d chain=input comment="Filter - Wan Access SSH" \
        disabled=no dst-port=22 protocol=tcp src-address-list=!local-addr
    add action=drop chain=input disabled=no src-address-list=WARN-SSH
    add action=accept chain=input disabled=no dst-port=22 protocol=tcp \
        src-address-list=local-addr
    add action=add-src-to-address-list address-list=WARN-TELNET \
        address-list-timeout=4w2d chain=input comment=\
        "Filter - Wan Access TELNET" disabled=no dst-port=23 protocol=tcp \
        src-address-list=!local-addr
    add action=drop chain=input disabled=no src-address-list=WARN-TELNET
    add action=accept chain=input disabled=no dst-port=23 protocol=tcp \
        src-address-list=local-addr
    add action=add-src-to-address-list address-list=WARN-WEB \
        address-list-timeout=4w2d chain=input comment="Filter - Wan Access WEB" \
        disabled=no dst-port=80 protocol=tcp src-address-list=!local-addr
    add action=drop chain=input disabled=no src-address-list=WARN-WEB
    add action=accept chain=input disabled=no dst-port=80 protocol=tcp \
        src-address-list=local-addr
    add action=add-src-to-address-list address-list=WARN-WINBOX \
        address-list-timeout=4w2d chain=input comment=\
        "Filter - Wan Access WINBOX" disabled=no dst-port=8291 protocol=tcp \
        src-address-list=!local-addr
    add action=drop chain=input disabled=no src-address-list=WARN-WINBOX
    add action=accept chain=input disabled=no dst-port=8291 protocol=tcp \
        src-address-list=local-addr
    add action=add-src-to-address-list address-list="Filter - Port Scanners" \
        address-list-timeout=2w chain=input comment="Filter - Port Scanners" \
        disabled=no protocol=tcp psd=21,3s,3,1
    add action=add-src-to-address-list address-list="port scanners" \
        address-list-timeout=2w chain=input disabled=no protocol=tcp tcp-flags=\
        fin,!syn,!rst,!psh,!ack,!urg
    add action=add-src-to-address-list address-list="port scanners" \
        address-list-timeout=2w chain=input disabled=no protocol=tcp tcp-flags=\
        fin,syn
    add action=add-src-to-address-list address-list="port scanners" \
        address-list-timeout=2w chain=input disabled=no protocol=tcp tcp-flags=\
        syn,rst
    add action=add-src-to-address-list address-list="port scanners" \
        address-list-timeout=2w chain=input disabled=no protocol=tcp tcp-flags=\
        fin,psh,urg,!syn,!rst,!ack
    add action=add-src-to-address-list address-list="port scanners" \
        address-list-timeout=2w chain=input disabled=no protocol=tcp tcp-flags=\
        fin,syn,rst,psh,ack,urg
    add action=add-src-to-address-list address-list="port scanners" \
        address-list-timeout=2w chain=input disabled=no protocol=tcp tcp-flags=\
        !fin,!syn,!rst,!psh,!ack,!urg
    add action=drop chain=input disabled=no src-address-list="port scanners"
    add action=accept chain=forward comment=Connections connection-state=\
        established disabled=no
    add action=accept chain=forward connection-state=related disabled=no
    add action=drop chain=forward connection-state=invalid disabled=no
    print screen :
    Click here to enlarge

    fungsi :
    3 : menambahkan ke address list IP yang mencoba masuk lewat port 21 dengan nama WARN-FTP selama waktu yang di tentukan
    4 : drop semua ip yang src address list nya adalah WARN-FTP
    5 : terima semua ip sesuai address list yang di tentukan (local-addr)

    6 : menambahkan ke address list IP yang mencoba masuk lewat port 22 dengan nama WARN-SSH selama waktu yang di tentukan
    7 : drop semua ip yang src address list nya adalah WARN-SSH
    8 : terima semua ip sesuai address list yang di tentukan (local-addr)

    9 : menambahkan ke address list IP yang mencoba masuk lewat port 23 dengan nama WARN-TELNET selama waktu yang di tentukan
    10 : drop semua ip yang src address list nya adalah WARN-TELNET
    11 : terima semua ip sesuai address list yang di tentukan (local-addr)

    12 : menambahkan ke address list IP yang mencoba masuk lewat port 80 dengan nama WARN-WEB selama waktu yang di tentukan
    13 : drop semua ip yang src address list nya adalah WARN-WEB
    14 : terima semua ip sesuai address list yang di tentukan (local-addr)

    12 : menambahkan ke address list IP yang mencoba masuk lewat port 8291 dengan nama WARN-WINBOX selama waktu yang di tentukan
    13 : drop semua ip yang src address list nya adalah WARN-WINBOX
    14 : terima semua ip sesuai address list yang di tentukan (local-addr)

    keuntungan :
    anda dapat melihat list IP yang tersaring / mencoba masuk ke router anda pada bagian address-list dengan nama WARN-FTP / WARN-SSH / WARN-TELNET / WARN-WEB / WARN-WINBOX.
    siapa tau mau serang balik Click here to enlarge

    anda bisa menambahkan sendiri / memodifikasi sesuai keperluan.
    di sini saya hanya "memainkan" address list dan port yang ingin di filter.

    jika berguna, klik thanks Click here to enlarge
    NB : Sorry, itu hasil print screen salah di bagian telnet, tertulis port 22, harusnya 23
    Makan Resources router Click here to enlarge

  12. #42
    Status
    Offline
    helmisubiakto's Avatar
    Newbie
    Join Date
    Nov 2009
    Posts
    33
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Izin coba gan....

 

 
Page 3 of 3 FirstFirst 123

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [ask] ttg rule firewall filter MT .. benarkah ??
    By earthlink in forum General Networking
    Replies: 6
    Last Post: 04-09-2014, 10:19
  2. Replies: 58
    Last Post: 09-12-2012, 07:28
  3. sudah ada ga yang pakai Radius Manager share dong disini
    By langoday in forum HotSpot, The Dude & User Manager
    Replies: 22
    Last Post: 07-09-2011, 00:10
  4. Setting Firewall filter kok ga bisa???
    By darkwatch in forum Beginner Basics
    Replies: 3
    Last Post: 11-10-2010, 16:17
  5. [HELP]remove firewall filter lists
    By aaheroe in forum General Networking
    Replies: 2
    Last Post: 05-03-2010, 21:58

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •