Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 11 of 11
  1. #1
    Status
    Offline
    osadharmawan's Avatar
    Baru Gabung
    Join Date
    Apr 2009
    Posts
    13
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    [ASK]spam terbaca pada address list

    sebelum nya nubie minta maaf.

    para Master MT ada yang tau tidak ini kenapa?!
    kok spam terbaca di address list yach?
    Click here to enlarge

    bisa tolong di jelaskan?Click here to enlarge

    Click here to enlarge Originally Posted by Firewall Filter
    aug/13/2010 03:50:41 system,error,critical login failure for user admin via local
    aug/13/2010 03:50:54 system,error,critical login failure for user admin via local
    aug/13/2010 03:51:01 system,error,critical login failure for user admin via local
    Terminal vt102 detected, using multiline input mode
    [admin@MikroTik] > ip fir fil exp
    # aug/13/2010 20:11:06 by RouterOS 2.9.27
    # software id = PQHS-XMN
    #
    / ip firewall filter
    add chain=forward protocol=tcp dst-port=843 action=add-dst-to-address-list address-list=LOADPOKER address-list-timeout=1d \
    comment="Poker" disabled=no
    add chain=forward protocol=tcp dst-port=9339 action=add-dst-to-address-list address-list=LOADPOKER address-list-timeout=1d \
    comment="" disabled=no
    add chain=forward in-interface=ether1 out-interface=ether2 dst-address=192.168.1.0/24 action=accept comment="Allow semua \
    akses internet to client" disabled=no
    add chain=input in-interface=ether1 protocol=tcp dst-port=8291 action=accept comment="Allow Remote winbox dari Publik" \
    disabled=no
    add chain=input in-interface=ether1 protocol=udp src-port=53 action=accept comment="Allow DNS Traffic" disabled=no
    add chain=input in-interface=ether1 protocol=icmp action=accept comment="Allow Ping Traceroute Traffic" disabled=no
    add chain=input in-interface=ether1 connection-state=new action=add-src-to-address-list address-list=spam \
    address-list-timeout=30m comment="Log Ip Yang Di Tolak" disabled=no
    add chain=forward dst-address-list=worm-dst action=drop comment="2008 Drop dst-address \
    http://traficconverter.biz/<censored>/loadadv.exe" disabled=no
    add chain=virus protocol=tcp dst-port=10452 action=drop comment="BackDoor-QE" disabled=no
    add chain=forward protocol=tcp dst-port=135-139 action=drop comment="Blok Spam" disabled=no
    add chain=forward protocol=udp dst-port=135-139 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=445 action=drop comment="" disabled=no
    add chain=forward protocol=udp dst-port=445 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=593 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=4444 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=5554 action=drop comment="" disabled=no
    add chain=forward protocol=udp dst-port=995-999 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=53 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=55 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=9996 action=drop comment="" disabled=no
    add chain=virus protocol=tcp dst-port=593 action=drop comment="Filter Rules" disabled=no
    add chain=forward connection-state=established action=accept comment="allow_established_connections" disabled=no
    add chain=forward connection-state=related action=accept comment="allow_related_connections" disabled=no
    add chain=forward connection-state=invalid action=drop comment="drop_invalid_connections" disabled=no
    add chain=forward action=jump jump-target=virus comment="jump_to_the_virus_chain" disabled=no
    add chain=forward protocol=tcp dst-port=80 action=accept comment="Allow_HTTP" disabled=no
    add chain=forward protocol=tcp dst-port=25 action=accept comment="Allow_SMTP" disabled=no
    add chain=virus protocol=tcp dst-port=135-139 action=drop comment="Drop_Blaster_Worm" disabled=no
    add chain=virus protocol=udp dst-port=135-139 action=drop comment="Drop_Messenge_Worm" disabled=no
    add chain=virus protocol=tcp dst-port=445 action=drop comment="Drop_Blaster_Worm" disabled=no
    add chain=virus protocol=udp dst-port=445 action=drop comment="Drop_Blaster_Worm" disabled=no
    add chain=virus protocol=tcp dst-port=1024-1030 action=drop comment="________" disabled=no
    add chain=virus protocol=tcp dst-port=1080 action=drop comment="Drop_MyDoom" disabled=no
    add chain=virus protocol=tcp dst-port=1214 action=drop comment="___kendari-undergorund_____" disabled=no
    add chain=virus protocol=tcp dst-port=1363 action=drop comment="ndm_requester" disabled=no
    add chain=virus protocol=tcp dst-port=1364 action=drop comment="ndm_server" disabled=no
    add chain=virus protocol=tcp dst-port=1368 action=drop comment="screen_cast" disabled=no
    add chain=virus protocol=tcp dst-port=1373 action=drop comment="hromgrafx" disabled=no
    add chain=virus protocol=tcp dst-port=1377 action=drop comment="cichlid" disabled=no
    add chain=virus protocol=tcp dst-port=1433-1434 action=drop comment="Worm" disabled=no
    add chain=virus protocol=tcp dst-port=2745 action=drop comment="Bagle_Virus" disabled=no
    add chain=virus protocol=tcp dst-port=2283 action=drop comment="Drop_Dumaru.Y" disabled=no
    add chain=virus protocol=tcp dst-port=2535 action=drop comment="Drop_Beagle" disabled=no
    add chain=virus protocol=tcp dst-port=2745 action=drop comment="Drop_Beagle.C-K" disabled=no
    add chain=virus protocol=tcp dst-port=3127-3128 action=drop comment="Drop_MyDoom" disabled=no
    add chain=virus protocol=tcp dst-port=4444 action=drop comment="Worm" disabled=no
    add chain=virus protocol=udp dst-port=4444 action=drop comment="Worm" disabled=no
    add chain=virus protocol=tcp dst-port=5554 action=drop comment="Drop_Sasser" disabled=no
    add chain=virus protocol=tcp dst-port=8866 action=drop comment="Drop_Beagle.B" disabled=no
    add chain=virus protocol=tcp dst-port=9898 action=drop comment="Drop_Dabber.A-B" disabled=no
    add chain=virus protocol=tcp dst-port=10000 action=drop comment="Drop_Dumaru.Y" disabled=no
    add chain=virus protocol=tcp dst-port=10080 action=drop comment="Drop_MyDoom.B" disabled=no
    add chain=virus protocol=tcp dst-port=12345 action=drop comment="Drop_NetBus" disabled=no
    add chain=virus protocol=tcp dst-port=17300 action=drop comment="Drop_Kuang2" disabled=no
    add chain=virus protocol=tcp dst-port=27374 action=drop comment="Drop_SubSeven" disabled=no
    add chain=virus protocol=tcp dst-port=65506 action=drop comment="Drop_PhatBot,_Agobot,_Gaobot" disabled=no
    add chain=virus protocol=tcp dst-port=6776 action=drop comment="2000_Cracks" disabled=no
    add chain=virus protocol=tcp dst-port=32418 action=drop comment="Acid_Battery" disabled=no
    add chain=virus protocol=tcp dst-port=2000 action=drop comment="Acid_Battery" disabled=no
    add chain=virus protocol=tcp dst-port=52317 action=drop comment="Acid_Battery" disabled=no
    add chain=virus protocol=tcp dst-port=10520 action=drop comment="Acid_Shivers" disabled=no
    add chain=virus protocol=tcp dst-port=31 action=drop comment="Agent" disabled=no
    add chain=virus protocol=tcp dst-port=40421 action=drop comment="Agent" disabled=no
    add chain=virus protocol=tcp dst-port=777 action=drop comment="Aim_Spy" disabled=no
    add chain=virus protocol=tcp dst-port=25 action=drop comment="Ajan&AntiGen" disabled=no
    add chain=virus protocol=udp dst-port=10666 action=drop comment="Ambush" disabled=no
    add chain=virus protocol=tcp dst-port=30029 action=drop comment="AOL_Trojan" disabled=no
    [admin@MikroTik]
    Sumber Script dari sini (tapi sementara waktu lagi di disable karna untuk facebook lemot bener)

    sekarang masih nyari2 settingan yang pas.
    Last edited by osadharmawan; 13-08-2010 at 22:34.

  2. #2
    Status
    Offline
    dingo's Avatar
    Member Super Senior
    Join Date
    Jan 2008
    Location
    Puncak Kesejukan
    Posts
    641
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    kok bisa gitu?
    itu ada firewall filter rule ya?
    Coba gelar gan firewall nya....

  3. #3
    Status
    Offline
    osadharmawan's Avatar
    Baru Gabung
    Join Date
    Apr 2009
    Posts
    13
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by dingo Click here to enlarge
    kok bisa gitu?
    itu ada firewall filter rule ya?
    Coba gelar gan firewall nya....
    waw, suatu penghormatan buat saya.Click here to enlarge
    seorang master MT langsung menanggapi nya ^^'

    itu dia saya kurang tau gan,kok bisa muncul seperti itu.Click here to enlarge
    yuZ,benar ada firewall filter rule nya
    cara gelar nya gmn gan?maklum nubie.mohon pencerahan nya...Click here to enlarge

    karna nubie hanya bisa asal copas script saja.untuk edit2 nya ane kurang tau.Click here to enlarge
    Last edited by osadharmawan; 13-08-2010 at 21:28.

  4. #4
    Status
    Offline
    dingo's Avatar
    Member Super Senior
    Join Date
    Jan 2008
    Location
    Puncak Kesejukan
    Posts
    641
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by osadharmawan Click here to enlarge
    waw, suatu penghormatan buat saya.Click here to enlarge
    seorang master MT langsung menanggapi nya ^^'

    itu dia saya kurang tau gan,kok bisa muncul seperti itu.Click here to enlarge
    yuZ,benar ada firewall filter rule nya
    cara gelar nya gmn gan?maklum nubie.mohon pencerahan nya...Click here to enlarge

    karna nubie hanya bisa asal copas script saja.untuk edit2 nya ane kurang tau.Click here to enlarge
    di terminal ketik : ip fir fil exp
    Hasilnya paste sini

  5. #5
    Status
    Offline
    osadharmawan's Avatar
    Baru Gabung
    Join Date
    Apr 2009
    Posts
    13
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Om dingo script nya udah saya gelar.

    Click here to enlarge Originally Posted by Firewall Filter
    aug/13/2010 03:50:41 system,error,critical login failure for user admin via local
    aug/13/2010 03:50:54 system,error,critical login failure for user admin via local
    aug/13/2010 03:51:01 system,error,critical login failure for user admin via local
    Terminal vt102 detected, using multiline input mode
    [admin@MikroTik] > ip fir fil exp
    # aug/13/2010 20:11:06 by RouterOS 2.9.27
    # software id = PQHS-XMN
    #
    / ip firewall filter
    add chain=forward protocol=tcp dst-port=843 action=add-dst-to-address-list address-list=LOADPOKER address-list-timeout=1d \
    comment="Poker" disabled=no
    add chain=forward protocol=tcp dst-port=9339 action=add-dst-to-address-list address-list=LOADPOKER address-list-timeout=1d \
    comment="" disabled=no
    add chain=forward in-interface=ether1 out-interface=ether2 dst-address=192.168.1.0/24 action=accept comment="Allow semua \
    akses internet to client" disabled=no
    add chain=input in-interface=ether1 protocol=tcp dst-port=8291 action=accept comment="Allow Remote winbox dari Publik" \
    disabled=no
    add chain=input in-interface=ether1 protocol=udp src-port=53 action=accept comment="Allow DNS Traffic" disabled=no
    add chain=input in-interface=ether1 protocol=icmp action=accept comment="Allow Ping Traceroute Traffic" disabled=no
    add chain=input in-interface=ether1 connection-state=new action=add-src-to-address-list address-list=spam \
    address-list-timeout=30m comment="Log Ip Yang Di Tolak" disabled=no
    add chain=forward dst-address-list=worm-dst action=drop comment="2008 Drop dst-address \
    http://traficconverter.biz/<censored>/loadadv.exe" disabled=no
    add chain=virus protocol=tcp dst-port=10452 action=drop comment="BackDoor-QE" disabled=no
    add chain=forward protocol=tcp dst-port=135-139 action=drop comment="Blok Spam" disabled=no
    add chain=forward protocol=udp dst-port=135-139 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=445 action=drop comment="" disabled=no
    add chain=forward protocol=udp dst-port=445 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=593 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=4444 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=5554 action=drop comment="" disabled=no
    add chain=forward protocol=udp dst-port=995-999 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=53 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=55 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=9996 action=drop comment="" disabled=no
    add chain=virus protocol=tcp dst-port=593 action=drop comment="Filter Rules" disabled=no
    add chain=forward connection-state=established action=accept comment="allow_established_connections" disabled=no
    add chain=forward connection-state=related action=accept comment="allow_related_connections" disabled=no
    add chain=forward connection-state=invalid action=drop comment="drop_invalid_connections" disabled=no
    add chain=forward action=jump jump-target=virus comment="jump_to_the_virus_chain" disabled=no
    add chain=forward protocol=tcp dst-port=80 action=accept comment="Allow_HTTP" disabled=no
    add chain=forward protocol=tcp dst-port=25 action=accept comment="Allow_SMTP" disabled=no
    add chain=virus protocol=tcp dst-port=135-139 action=drop comment="Drop_Blaster_Worm" disabled=no
    add chain=virus protocol=udp dst-port=135-139 action=drop comment="Drop_Messenge_Worm" disabled=no
    add chain=virus protocol=tcp dst-port=445 action=drop comment="Drop_Blaster_Worm" disabled=no
    add chain=virus protocol=udp dst-port=445 action=drop comment="Drop_Blaster_Worm" disabled=no
    add chain=virus protocol=tcp dst-port=1024-1030 action=drop comment="________" disabled=no
    add chain=virus protocol=tcp dst-port=1080 action=drop comment="Drop_MyDoom" disabled=no
    add chain=virus protocol=tcp dst-port=1214 action=drop comment="___kendari-undergorund_____" disabled=no
    add chain=virus protocol=tcp dst-port=1363 action=drop comment="ndm_requester" disabled=no
    add chain=virus protocol=tcp dst-port=1364 action=drop comment="ndm_server" disabled=no
    add chain=virus protocol=tcp dst-port=1368 action=drop comment="screen_cast" disabled=no
    add chain=virus protocol=tcp dst-port=1373 action=drop comment="hromgrafx" disabled=no
    add chain=virus protocol=tcp dst-port=1377 action=drop comment="cichlid" disabled=no
    add chain=virus protocol=tcp dst-port=1433-1434 action=drop comment="Worm" disabled=no
    add chain=virus protocol=tcp dst-port=2745 action=drop comment="Bagle_Virus" disabled=no
    add chain=virus protocol=tcp dst-port=2283 action=drop comment="Drop_Dumaru.Y" disabled=no
    add chain=virus protocol=tcp dst-port=2535 action=drop comment="Drop_Beagle" disabled=no
    add chain=virus protocol=tcp dst-port=2745 action=drop comment="Drop_Beagle.C-K" disabled=no
    add chain=virus protocol=tcp dst-port=3127-3128 action=drop comment="Drop_MyDoom" disabled=no
    add chain=virus protocol=tcp dst-port=4444 action=drop comment="Worm" disabled=no
    add chain=virus protocol=udp dst-port=4444 action=drop comment="Worm" disabled=no
    add chain=virus protocol=tcp dst-port=5554 action=drop comment="Drop_Sasser" disabled=no
    add chain=virus protocol=tcp dst-port=8866 action=drop comment="Drop_Beagle.B" disabled=no
    add chain=virus protocol=tcp dst-port=9898 action=drop comment="Drop_Dabber.A-B" disabled=no
    add chain=virus protocol=tcp dst-port=10000 action=drop comment="Drop_Dumaru.Y" disabled=no
    add chain=virus protocol=tcp dst-port=10080 action=drop comment="Drop_MyDoom.B" disabled=no
    add chain=virus protocol=tcp dst-port=12345 action=drop comment="Drop_NetBus" disabled=no
    add chain=virus protocol=tcp dst-port=17300 action=drop comment="Drop_Kuang2" disabled=no
    add chain=virus protocol=tcp dst-port=27374 action=drop comment="Drop_SubSeven" disabled=no
    add chain=virus protocol=tcp dst-port=65506 action=drop comment="Drop_PhatBot,_Agobot,_Gaobot" disabled=no
    add chain=virus protocol=tcp dst-port=6776 action=drop comment="2000_Cracks" disabled=no
    add chain=virus protocol=tcp dst-port=32418 action=drop comment="Acid_Battery" disabled=no
    add chain=virus protocol=tcp dst-port=2000 action=drop comment="Acid_Battery" disabled=no
    add chain=virus protocol=tcp dst-port=52317 action=drop comment="Acid_Battery" disabled=no
    add chain=virus protocol=tcp dst-port=10520 action=drop comment="Acid_Shivers" disabled=no
    add chain=virus protocol=tcp dst-port=31 action=drop comment="Agent" disabled=no
    add chain=virus protocol=tcp dst-port=40421 action=drop comment="Agent" disabled=no
    add chain=virus protocol=tcp dst-port=777 action=drop comment="Aim_Spy" disabled=no
    add chain=virus protocol=tcp dst-port=25 action=drop comment="Ajan&AntiGen" disabled=no
    add chain=virus protocol=udp dst-port=10666 action=drop comment="Ambush" disabled=no
    add chain=virus protocol=tcp dst-port=30029 action=drop comment="AOL_Trojan" disabled=no
    [admin@MikroTik]
    Sumber Script dari sini (tapi sementara waktu lagi di disable karna untuk facebook lemot bener)

    sekarang masih nyari2 settingan yang pas.
    Last edited by osadharmawan; 13-08-2010 at 22:35.

  6. #6
    Status
    Offline
    dingo's Avatar
    Member Super Senior
    Join Date
    Jan 2008
    Location
    Puncak Kesejukan
    Posts
    641
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    add chain=input in-interface=ether1 connection-state=new action=add-src-to-address-list address-list=spam \
    address-list-timeout=30m comment="Log Ip Yang Di Tolak" disabled=no

    Hapus saja.

  7. The Following User Says Thank You to dingo For This Useful Post:


  8. #7
    Status
    Offline
    osadharmawan's Avatar
    Baru Gabung
    Join Date
    Apr 2009
    Posts
    13
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ok master,saya coba dulu.siapa tau masih muncul ^^'jiakakaka......Click here to enlarge

  9. #8
    Status
    Offline
    karaeng's Avatar
    VIP Member
    Join Date
    Jun 2010
    Posts
    958
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by osadharmawan Click here to enlarge
    sebelum nya nubie minta maaf.

    para Master MT ada yang tau tidak ini kenapa?!
    kok spam terbaca di address list yach?
    Click here to enlarge

    bisa tolong di jelaskan?Click here to enlarge



    Sumber Script dari sini (tapi sementara waktu lagi di disable karna untuk facebook lemot bener)

    sekarang masih nyari2 settingan yang pas.
    Inilah akibat Copy Paste Rule...
    tanpa ada pemahaman...
    maunya stelah muncul di addres list, harus nyari tahu... kira2 rule yg mana yg menyebabkan sperti itu......

    trus tempat kamu ngambil script rule, nga ngucapin trima kasih.... langsung main copas aja.......
    makanya banyak Tutorial yg di tutup, krena newbi hanya main kopas... udah kopas langsung pergi, trus masuk lagi buka lapak......
    Last edited by karaeng; 14-08-2010 at 12:50.

  10. #9
    Status
    Offline
    osadharmawan's Avatar
    Baru Gabung
    Join Date
    Apr 2009
    Posts
    13
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by karaeng Click here to enlarge
    Inilah akibat Copy Paste Rule...
    tanpa ada pemahaman...
    maunya stelah muncul di addres list, harus nyari tahu... kira2 rule yg mana yg menyebabkan sperti itu......

    trus tempat kamu ngambil script rule, nga ngucapin trima kasih.... langsung main copas aja.......
    makanya banyak Tutorial yg di tutup, krena newbi hanya main kopas... udah kopas langsung pergi, trus masuk lagi buka lapak......
    terima kasih banyak master karaeng udah mengingat kan saya yang banyak salah ^^'Click here to enlarge

    *coba dulu klo gak bisa baru teriak,ini pengalaman yang menarik guru. jadi malu Click here to enlarge

  11. #10
    Status
    Offline
    osadharmawan's Avatar
    Baru Gabung
    Join Date
    Apr 2009
    Posts
    13
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Problem SOLVED....^^'

    Special thanks buat Master DingoClick here to enlarge

    thanks buat master karaeng yang udah banyak ingetin ane sebagai orang awam Click here to enlarge

  12. The Following User Says Thank You to osadharmawan For This Useful Post:


  13. #11
    Status
    Offline
    supermanVSspiderman's Avatar
    Member
    Join Date
    Jun 2010
    Posts
    121
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by osadharmawan Click here to enlarge
    waw, suatu penghormatan buat saya.Click here to enlarge
    seorang master MT langsung menanggapi nya ^^'

    itu dia saya kurang tau gan,kok bisa muncul seperti itu.Click here to enlarge
    yuZ,benar ada firewall filter rule nya
    cara gelar nya gmn gan?maklum nubie.mohon pencerahan nya...Click here to enlarge

    karna nubie hanya bisa asal copas script saja.untuk edit2 nya ane kurang tau.Click here to enlarge
    Click here to enlargeClick here to enlargeClick here to enlargeClick here to enlarge

  14. The Following User Says Thank You to supermanVSspiderman For This Useful Post:


 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Firewall - Address List
    By Dody in forum Beginner Basics
    Replies: 18
    Last Post: 21-08-2010, 17:03
  2. menampilkan address list tertentu
    By awarmanf in forum Scripting @ Mikrotik
    Replies: 0
    Last Post: 08-05-2010, 20:44
  3. Membuat List Mac address user
    By Howl in forum General Networking
    Replies: 2
    Last Post: 02-05-2008, 20:46
  4. address list
    By c0nf in forum General Networking
    Replies: 3
    Last Post: 06-11-2007, 17:50
  5. [ASK] address list vs packet-mark
    By cocorex in forum General Networking
    Replies: 0
    Last Post: 16-10-2007, 11:00

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •