Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 11 of 11
  1. #1
    Status
    Offline
    kamezhu's Avatar
    Baru Gabung
    Join Date
    Dec 2009
    Posts
    12
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    gan ini penyusup bukan ?

    barusan lagi ngedit2, tapi lognya buanyak amir ini kenapa ya gan, apa dari koneksi ane yang ngerequest keluar apa dari luar ngejajal router ane Click here to enlarge

    Click here to enlarge

    Click here to enlarge


    agan master mikrotik tolong jabarkan ini maksud apa ya ? Click here to enlarge
    Last edited by kamezhu; 31-01-2011 at 20:32.

  2. #2
    Status
    Offline
    aduh_aduh's Avatar
    Calon Member
    Join Date
    Dec 2009
    Location
    Makassar - Sulawesi Selatan
    Posts
    94
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by kamezhu Click here to enlarge
    barusan lagi ngedit2, tapi lognya buanyak amir ini kenapa ya gan, apa dari koneksi ane yang ngerequest keluar apa dari luar ngejajal router ane Click here to enlarge

    Click here to enlarge

    Click here to enlarge


    agan master mikrotik tolong jabarkan ini maksud apa ya ? Click here to enlarge
    itu aritana ada user yg pengen masuk dari service ssh ke router sampean cuman g bisa masuk karena username ma pasword mash salah... coba aja klo bener ngeri dah Click here to enlarge


    udah bnyk kaya gini gan di forum ubek2 aja !!!

  3. The Following User Says Thank You to aduh_aduh For This Useful Post:


  4. #3
    Status
    Offline
    junan's Avatar
    Calon Member
    Join Date
    Apr 2010
    Posts
    83
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ngatasinya, search aja firewall di forum...


    ternyata (au) australi, pantes namane bule semua
    Click here to enlarge

  5. The Following User Says Thank You to junan For This Useful Post:


  6. #4
    Status
    Offline
    anazh12's Avatar
    Calon Member
    Join Date
    Aug 2010
    Location
    Bau-Bau Sulawesi Tengara
    Posts
    73
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by kamezhu Click here to enlarge
    barusan lagi ngedit2, tapi lognya buanyak amir ini kenapa ya gan, apa dari koneksi ane yang ngerequest keluar apa dari luar ngejajal router ane Click here to enlarge

    Click here to enlarge

    Click here to enlarge


    agan master mikrotik tolong jabarkan ini maksud apa ya ? Click here to enlarge
    kl gak butuh di remote mikrotiknya dari internet via ssh,, mendingan di blok aja portnya bro Click here to enlarge

    /ip firewall filter add action=drop chain=input comment=ssh disabled=no dst-port=22 in-interface=ether1 protocol=tcp

    ether1 ganti dgn interface jaringan internetnya bro

    CMIIWClick here to enlarge

  7. The Following User Says Thank You to anazh12 For This Useful Post:


  8. #5
    Status
    Offline
    s!mbahNET's Avatar
    Newbie
    Join Date
    Nov 2010
    Location
    Bantul, Djogjakarta
    Posts
    62
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    disable aja SSH nya bro......Click here to enlarge
    IP-SERVICES

  9. The Following User Says Thank You to s!mbahNET For This Useful Post:


  10. #6
    Status
    Offline
    vriz_ma's Avatar
    Baru Gabung
    Join Date
    Jul 2010
    Posts
    5
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by s!mbahNET Click here to enlarge
    disable aja SSH nya bro......Click here to enlarge
    IP-SERVICES
    setuju... blok aja sshnya,,, kalo perlu telnetnya sekalian... Click here to enlarge

  11. The Following User Says Thank You to vriz_ma For This Useful Post:


  12. #7
    Status
    Offline
    kamezhu's Avatar
    Baru Gabung
    Join Date
    Dec 2009
    Posts
    12
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Oke gan, thanks agan2 semua untuk jawabannya, saya block dulu port 22 kan ssh itu, Click here to enlarge

    berarti kalo remote pake winbox dari luar gak masalah dong kalo ssh nya saya block dari luar ? Click here to enlarge

  13. #8
    Status
    Offline
    Spring's Avatar
    Contributor
    Join Date
    Oct 2009
    Location
    Manado
    Posts
    964
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Kalo menurut ku sih gak usah di-disable (buat jaga2 nanti untuk keperluan remote dari luar)... mending ganti aja port standar nya SSH (22) ke 202 atau ke port brpa saja asal yang unregistered port biar gak bentrok sama port2 yang udah distandarisasi internasional... penggantian port juga baiknya diberlakukan untuk service2 yang lain kayak winbox (8291), FTP (21), Telnet (23), dll...

    dan untuk menghindari port2 tersebut di ketahui dari pihak luar maka buat rule untuk blok Port Scanner >

    Code:
    /ip firewall filter add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="Port scanners to list " disabled=no
    
    /ip firewall filter add chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="NMAP FIN Stealth scan"
    
    /ip firewall filter add chain=input protocol=tcp tcp-flags=fin,syn action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="SYN/FIN scan"
    
    /ip firewall filter add chain=input protocol=tcp tcp-flags=syn,rst action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="SYN/RST scan"
    
    /ip firewall filter add chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="FIN/PSH/URG scan"
    
    /ip firewall filter add chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="ALL/ALL scan"
    
    /ip firewall filter add chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="NMAP NULL scan"
    
    /ip firewall filter add chain=input src-address-list="port scanners" action=drop comment="dropping port scanners" disabled=no
    dan untuk menjauhkan IP public kita dari para Crackers (pencari celah) maka sebaiknya blok ping (ICMP) dari sisi WAN...

    Code:
    /ip firewall filter add chain=input protocol=icmp in-interface=[WAN] action=drop
    Terakhir, buat rule untuk memblok IP dari user yang sudah lebih dari 5x login failure.. copas aja sendiri tutorialnya agan Okto

    semoga bermanfaat Click here to enlarge

  14. The Following User Says Thank You to Spring For This Useful Post:


  15. #9
    Status
    Offline
    whiely's Avatar
    Member Senior
    Join Date
    Jun 2010
    Location
    :unidentified:
    Posts
    423
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Lightbulb

    di buat gini aja:

    Code:
    /ip service
    set telnet address=0.0.0.0/0 disabled=yes port=23
    set ftp address=0.0.0.0/0 disabled=yes port=21
    set www address=0.0.0.0/0 disabled=yes port=80
    set ssh address=0.0.0.0/0 disabled=yes port=22
    set www-ssl address=0.0.0.0/0 certificate=none disabled=yes port=443
    set api address=0.0.0.0/0 disabled=yes port=8728
    set winbox address=0.0.0.0/0 disabled=no port=8291
    Click here to enlargeClick here to enlarge

  16. The Following User Says Thank You to whiely For This Useful Post:


  17. #10
    capslock
    capslock's Avatar
    Click here to enlarge Originally Posted by whiely Click here to enlarge
    di buat gini aja:

    Code:
    /ip service
    set telnet address=0.0.0.0/0 disabled=yes port=23
    set ftp address=0.0.0.0/0 disabled=yes port=21
    set www address=0.0.0.0/0 disabled=yes port=80
    set ssh address=0.0.0.0/0 disabled=yes port=22
    set www-ssl address=0.0.0.0/0 certificate=none disabled=yes port=443
    set api address=0.0.0.0/0 disabled=yes port=8728
    set winbox address=0.0.0.0/0 disabled=no port=8291
    Click here to enlargeClick here to enlarge
    trus akses user-manajernya gimana Gan kalau Click here to enlarge
    Code:
    /ip service
    set www address=0.0.0.0/0 disabled=yes port=80
    apa perlu dibuka lagi Portx atau gimana ne gan,,, ???Click here to enlarge Click here to enlarge
    Last edited by capslock; 04-12-2012 at 19:42.

  18. #11
    Status
    Offline
    CyberspaceNT's Avatar
    Calon Member
    Join Date
    Nov 2009
    Posts
    79
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    firewall filter rulenya disempurnakan lagi, insya allah teratasi



 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Cara gabungin 2 ISP tapi bukan LB
    By underkost in forum Beginner Basics
    Replies: 27
    Last Post: 29-08-2010, 23:40
  2. PCI R52N di RB 433 ( bukan RB 433 AH)
    By dedik in forum General Networking
    Replies: 1
    Last Post: 31-03-2010, 00:25
  3. R52N dan R2N di rb 433 mipsbe (bukan rb433 AH)
    By dedik in forum Wireless Networking
    Replies: 22
    Last Post: 23-03-2010, 03:04

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •