Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 9 of 9
  1. #1
    Status
    Offline
    ponywaterhouse's Avatar
    Forum Guru
    Join Date
    Jul 2007
    Posts
    1,507
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    blok !ournetwork

    di firewall ada script seperti ini :

    Code:
    chain=input action=add-src-to-address-list src-address-list=!ournetwork 
         address-list=penyusup address-list-timeout=1w 
    
    chain=input action=drop src-address-list=!ournetwork
    klo gak salah biar list yg diluar list ournetwork ga bisa akses ke router kita..


    soalnya barusan gw perhatiin, sampe ada 63247 packet yg ngelewatin rule ini..
    pas di cek ke address list penyusup, banyak banget IP yg kedaftar disana..


    pengen tau aja, bener ga yah script nya seperti diatas itu?
    takut2 ada yg emang harusnya ga diblok tapi ke blok...

  2. #2
    Status
    Offline
    t3rm's Avatar
    Member Super Senior
    Join Date
    Aug 2007
    Posts
    665
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by ponywaterhouse Click here to enlarge
    di firewall ada script seperti ini :

    Code:
    chain=input action=add-src-to-address-list src-address-list=!ournetwork 
         address-list=penyusup address-list-timeout=1w 
    
    chain=input action=drop src-address-list=!ournetwork
    klo gak salah biar list yg diluar list ournetwork ga bisa akses ke router kita..


    soalnya barusan gw perhatiin, sampe ada 63247 packet yg ngelewatin rule ini..
    pas di cek ke address list penyusup, banyak banget IP yg kedaftar disana..


    pengen tau aja, bener ga yah script nya seperti diatas itu?
    takut2 ada yg emang harusnya ga diblok tapi ke blok...

    Berarti banyak yang coba masuk kali ke mikrotik disana.
    FTP, SSH, TELNET, WEB ...

    Sudah bener koq caranya kalau mau blokir network luar supaya jangan nyentuh ip mikrotiknya.

    Click here to enlarge

  3. #3
    Status
    Offline
    ponywaterhouse's Avatar
    Forum Guru
    Join Date
    Jul 2007
    Posts
    1,507
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by t3rm Click here to enlarge
    Berarti banyak yang coba masuk kali ke mikrotik disana.
    FTP, SSH, TELNET, WEB ...

    Sudah bener koq caranya kalau mau blokir network luar supaya jangan nyentuh ip mikrotiknya.

    Click here to enlarge
    wew.. thanks...
    soalnya baru baru aja analisis firewall.. hehe..

    serangan masih berjalan nih.. sadiss..

  4. #4
    Status
    Offline
    c0nf's Avatar
    Contributor
    Join Date
    Jul 2007
    Location
    Bandung, Indonesia
    Posts
    1,816
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    santai aja um ponny
    di server ku juga banyak koq
    tiada hari tanpa ada yg mencoba masuk
    Click here to enlarge

  5. #5
    Status
    Offline
    nux
    nux's Avatar
    Member
    Join Date
    Jul 2007
    Posts
    268
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    weee..pd iseng bgt ya..

  6. #6
    Status
    Offline
    izzanabila's Avatar
    Newbie
    Join Date
    Jan 2008
    Posts
    33
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    cara paling mudah, ubah saja default port untuk mikrotik yang ada di /ip services

    itu kan sebenarnya cuman kerjaan port-scanner or brute force aja.
    Yang perlu diganti port default FTP, WWW, TELNET dan SSH

    Dah deh..itu doang. Dijamin serangan akan relatif menurun.

  7. #7
    Status
    Offline
    nux
    nux's Avatar
    Member
    Join Date
    Jul 2007
    Posts
    268
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    mending matikan service yg gak kepake..

  8. #8
    Status
    Offline
    ponywaterhouse's Avatar
    Forum Guru
    Join Date
    Jul 2007
    Posts
    1,507
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by izzanabila Click here to enlarge
    cara paling mudah, ubah saja default port untuk mikrotik yang ada di /ip services

    itu kan sebenarnya cuman kerjaan port-scanner or brute force aja.
    Yang perlu diganti port default FTP, WWW, TELNET dan SSH

    Dah deh..itu doang. Dijamin serangan akan relatif menurun.
    hehe.. itu mah udah dimatiin..
    cuman http aja yg dinyalain..
    tetep aja banyak yg penasaran.. hehe..

  9. #9
    Status
    Offline
    ponywaterhouse's Avatar
    Forum Guru
    Join Date
    Jul 2007
    Posts
    1,507
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    kemaren firewall + nat kehapus semua..

    begitu script ini dipake lagi, malah ga bisa kemana2..
    aneh.. hehe..

    padahal cuman balikin firewall + nat yg udah ke backup..

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Blok P2P
    By kipyes in forum Beginner Basics
    Replies: 2
    Last Post: 16-07-2008, 16:59
  2. blok mac
    By k1j0r in forum Wireless Networking
    Replies: 3
    Last Post: 12-11-2007, 18:46

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •