Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 8 of 9 FirstFirst ... 6789 LastLast
Results 106 to 120 of 122
  1. #106
    Status
    Offline
    k4mil's Avatar
    Baru Gabung
    Join Date
    Nov 2010
    Posts
    7
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by nofri Click here to enlarge
    Click here to enlarge net cut
    berikut cara mencegah NetCut di jaringan hotspot saya

    1. pake winbox aja biar gampang.
    2. masuk ke IP > DHCP Server
    3. pilih konfigurasi DHCP yang digunakan untuk hotspot anda, kalo' saya, menggunakan settingan default DHCP aja
    4. di sini saya cuma mengganti waktu sewa IP menjadi 1 hari
    5. dan yang paling penting, aktifkan opsi Add ARP for Leases, opsi ini untuk mencegah ARP Spoofing oleh NetCut

    lebih aman lagi, drop semua paket ICMP pada firewall, jadi tambahin aja (soalnya pernah baca, kalo NetCut itu menggunakan ICMP untuk apanyaaa gitu, eh satu lagi, kalo rule ini diterapkan, jangan bingung ya, soalnya ping pasti ga bisa !!!!)


    /ip firewall filter
    add action=accept chain=input comment="default configuration (anti netcut, defaultnya accept)" disabled=no protocol=icmp

    anti conflikerClick here to enlarge
    / ip firewall filter
    add chain=forward protocol=udp src-port=135-139 action=drop comment=";;Block W32.Kido - Conficker" disabled=no
    add chain=forward protocol=udp dst-port=135-139 action=drop comment="" disabled=no
    add chain=forward protocol=udp src-port=445 action=drop comment="" disabled=no
    add chain=forward protocol=udp dst-port=445 action=drop comment="" disabled=no
    add chain=forward protocol=tcp src-port=135-139 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=135-139 action=drop comment="" disabled=no
    add chain=forward protocol=tcp src-port=445 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=445 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=4691 action=drop comment="" disabled=no
    add chain=forward protocol=tcp dst-port=5933 action=drop comment="" disabled=no
    add chain=forward protocol=udp dst-port=5355 action=drop comment="Block LLMNR" disabled=no
    add chain=forward protocol=udp dst-port=4647 action=drop comment="" disabled=no
    add action=drop chain=forward comment="SMTP Deny" disabled=no protocol=tcp src-port=25
    add action=drop chain=forward comment="" disabled=no dst-port=25 protocol=tcp
    di jaminClick here to enlarge

    yang laen....Click here to enlarge
    Melindungi FTP Server Mikrotik Anda

    / ip firewall filter
    add chain=input in-interface=bridge1 protocol=tcp dst-port=21 src-address-list=ftp_blacklist action=drop

    # accept 10 incorrect logins per minute
    / ip firewall filter
    add chain=output action=accept protocol=tcp content="530 Login incorrect" dst-limit=1/1m,9,dst-address/1m

    #add to blacklist
    add chain=output action=add-dst-to-address-list protocol=tcp content="530 Login incorrect" address-list=ftp_blacklist address-list-timeout=3h

    =======================================

    Ingat, urutan diatas harus tepat...tidak boleh tertukar-tukar...
    Mari kita bahas satu persatu dari rule-rule diatas...


    / ip firewall filter
    add chain=input in-interface=ether1 protocol=tcp dst-port=21 src-address-list=ftp_blacklist action=drop

    Rule pertama ini akan melakukan filtering untuk traffik yang berasal dari ether1
    (silahkan dirubah sesuai kebutuhan), protocol TCP dengan port 21...dan IP asal traffik
    dicocokkan dengan addr-list ftp_blacklist (yang akan dicreate di rule berikutnya)....
    bila cocok / positif maka action drop akan dilakukan...
    Bila ada yang melakukan brute force attack untuk pertama kalinya,
    rule pertama ini tidak melakukan apa2...Namun apabila IP-nya telah tercatat,
    maka akan langsung di Drop.

    -------------------------------------
    # accept 10 incorrect logins per minute
    / ip firewall filter
    add chain=output action=accept protocol=tcp content="530 Login incorrect" dst-limit=1/1m,9,dst-address/1m

    Rule ini bertindak sebagai pengawas,
    apakah dari IP tertentu telah melakukan Login secara Incorrect sebanyak 9 kali
    dalam jangka waktu 1 menit....Jadi bila masih dalam batasan 9 kali dalam 1 menit
    maka masih akan diaccept...Nah apabila telah melampaui 9 kali,
    maka rule ini tidak akan apply dan akan lanjut ke rule setelahnya yakni...


    -------------------------------------
    #add to blacklist
    add chain=output action=add-dst-to-address-list protocol=tcp content="530 Login incorrect" address-list=blacklist address-list-timeout=3h

    Rule ini akan menambahkan IP sang penyerang ke dalam addr-list bernama ftp_blacklist...hanya itu yang dilakukan rule ini...
    Nah, pada saat percobaan yang ke-11 serangan ini akan di Drop oleh Rule yang Pertama....



    Click here to enlarge dapet dari forum juga.... moga bermanfaat

    ijin incip

  2. #107
    Status
    Offline
    kocenk's Avatar
    Baru Gabung
    Join Date
    Jun 2010
    Location
    Kab Mukomuko
    Posts
    12
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Kagak bisa di atasi pusing

    walah netcut vs mikrotik susah booos kagak bisa ngatasi ampun dah...Click here to enlarge
    gimana ya ngatasi netcut ya minimal ngatasi anti cloning deh di mikrotik karena netcut hanya perantara duank gitu oknum dan lihat ip dan mac address mulai dah beraksi pc oknum macnya akan di cloning ama hasil yg didapat dari netcut udah deh bisa internetan ria parahnya mikrotik kagak kedetek Click here to enlarge

  3. #108
    Status
    Offline
    abu_faris78's Avatar
    Baru Gabung
    Join Date
    Jun 2009
    Posts
    14
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    mungkin harus disampaikan ke si pembuat software mikrotik agar ada solusi sesegera mungkin, trims
    Last edited by abu_faris78; 28-10-2011 at 16:11.

  4. #109
    Status
    Offline
    donipermono1982's Avatar
    Moderator
    Join Date
    Feb 2008
    Location
    Jakarta Selatan
    Posts
    2,809
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by kocenk Click here to enlarge
    walah netcut vs mikrotik susah booos kagak bisa ngatasi ampun dah...Click here to enlarge
    gimana ya ngatasi netcut ya minimal ngatasi anti cloning deh di mikrotik karena netcut hanya perantara duank gitu oknum dan lihat ip dan mac address mulai dah beraksi pc oknum macnya akan di cloning ama hasil yg didapat dari netcut udah deh bisa internetan ria parahnya mikrotik kagak kedetek Click here to enlarge
    tambahin alat lagi dengan swos 250gs netcut sudah ga bisa running.tested !

  5. #110
    Status
    Offline
    dhopack's Avatar
    Forum Guru
    Join Date
    Dec 2010
    Location
    KUDUS
    Posts
    1,919
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by donipermono1982 Click here to enlarge
    tambahin alat lagi dengan swos 250gs netcut sudah ga bisa running.tested !
    tested di hotspot atau di LAN om?atau dua2nya?mohon pencerahannya soale blm pernah pake swos 250g nih,

  6. #111
    Status
    Offline
    donipermono1982's Avatar
    Moderator
    Join Date
    Feb 2008
    Location
    Jakarta Selatan
    Posts
    2,809
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by dhopack Click here to enlarge
    tested di hotspot atau di LAN om?atau dua2nya?mohon pencerahannya soale blm pernah pake swos 250g nih,
    Di Hotspot. Saya rasa untuk LAN configurasinya sama aja Click here to enlarge.

  7. The Following User Says Thank You to donipermono1982 For This Useful Post:


  8. #112
    Status
    Offline
    patrick's Avatar
    Newbie
    Join Date
    Jun 2010
    Posts
    60
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    klo cuma pake 1 acces point ndak perlu 250 GS asalkan fitur client isolationnya di AP dinyalakan. klo pake lebih dari satu AP terpaksa harus beli 250 GS dan fitur client isolation AP dinyalakan semua. net cut bisa diatasi. tetapi yg jadi masalah clone mac address. yg susah diatasi.

  9. #113
    Status
    Offline
    abu_faris78's Avatar
    Baru Gabung
    Join Date
    Jun 2009
    Posts
    14
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    kebutulan punya ana ada 3 akses point (RB433AH,Bullet sama EOC 2611) pakai router indor RB 493

    ------------------ Lan
    ------------------ |
    speedy -------RB493------Proxy
    ------------------ |
    --------- AP1----Hub------AP2
    ------------------ |
    ------------------ AP3

    berhubung saya belum faham :
    1. posisi SWOS di tempatkan dimana?
    2. Settingannya SWOSnya seperti apa?
    Last edited by abu_faris78; 29-10-2011 at 07:53.

  10. #114
    Status
    Offline
    patrick's Avatar
    Newbie
    Join Date
    Jun 2010
    Posts
    60
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ko tempatku SWOS 250 GS ditaruh dibelakang RB indoor.

    modem
    |
    RB Indoor
    |
    250 GS
    |
    AP1-----AP2------------------AP3----------AP4

    klo settingan tinggal buka web nya 250 GS fowarding tinggal diarahin aja bos

    klo kurang jelas tanya om doni aja bos dia udah pengalaman ama yg kaya gini.
    Last edited by patrick; 29-10-2011 at 08:04.

  11. #115
    Status
    Offline
    donipermono1982's Avatar
    Moderator
    Join Date
    Feb 2008
    Location
    Jakarta Selatan
    Posts
    2,809
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by patrick Click here to enlarge
    klo cuma pake 1 acces point ndak perlu 250 GS asalkan fitur client isolationnya di AP dinyalakan. klo pake lebih dari satu AP terpaksa harus beli 250 GS dan fitur client isolation AP dinyalakan semua. net cut bisa diatasi. tetapi yg jadi masalah clone mac address. yg susah diatasi.
    client isolation dah pernah saya coba netcut tetap bisa clone mac address. fungsi netcut kan salah satu nya clone mac address client yang di jadikan target. cmiiw

    Click here to enlarge Originally Posted by abu_faris78 Click here to enlarge
    kebutulan punya ana ada 3 akses point (RB433AH,Bullet sama EOC 2611) pakai router indor RB 493

    ------------------ Lan
    ------------------ |
    speedy -------RB493------Proxy
    ------------------ |
    --------- AP1----Hub------AP2
    ------------------ |
    ------------------ AP3

    berhubung saya belum faham :
    1. posisi SWOS di tempatkan dimana?
    2. Settingannya SWOSnya seperti apa?
    Click here to enlarge Originally Posted by patrick Click here to enlarge
    ko tempatku SWOS 250 GS ditaruh dibelakang RB indoor.

    modem
    |
    RB Indoor
    |
    250 GS
    |
    AP1-----AP2------------------AP3----------AP4

    klo settingan tinggal buka web nya 250 GS fowarding tinggal diarahin aja bos

    klo kurang jelas tanya om doni aja bos dia udah pengalaman ama yg kaya gini.
    malah saya dapat ilham dari mas patrick. merendah aja ni Click here to enlarge.

    contoh topologi mas patrick sudah benar. tinggal di setting aja bagian forwarding swos nya. Click here to enlarge

  12. #116
    Status
    Offline
    patrick's Avatar
    Newbie
    Join Date
    Jun 2010
    Posts
    60
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    notes client islolation klo memakai mode AP WDS dan kita memakai repeater net cut masih bisa liat IP dan MAC client.
    contoh

    modem
    |
    RB Indoor
    |
    250 GS
    |
    Ether 1 AP1 Mode AP WDS -----Ether 2 AP2------------------Ether 3 AP3----------Ether 4 AP4
    |
    AP mode repeater
    |-------|-----------| ----------|
    client1 client2 client3 client4

    yg dari sisi clien 1,2,3,4, klo dia pake net cut dia bisa liat IP dan Mac client yg terhubung dari AP 1!
    klo AP 2,AP3 dia ndak bisa lihat IP dan MAC client yg terhubung ke AP2,AP3 karena udah dipisah melalui manageable switch .

  13. #117
    Status
    Offline
    boled's Avatar
    Member
    Join Date
    Aug 2009
    Location
    Cilacap
    Posts
    246
    Reviews
    Read 0 Reviews
    Downloads
    14
    Uploads
    1
    Feedback Score
    0
    Click here to enlarge Originally Posted by patrick Click here to enlarge
    notes client islolation klo memakai mode AP WDS dan kita memakai repeater net cut masih bisa liat IP dan MAC client.
    contoh

    modem
    |
    RB Indoor
    |
    250 GS
    |
    Ether 1 AP1 Mode AP WDS -----Ether 2 AP2------------------Ether 3 AP3----------Ether 4 AP4
    |
    AP mode repeater
    |-------|-----------| ----------|
    client1 client2 client3 client4

    yg dari sisi clien 1,2,3,4, klo dia pake net cut dia bisa liat IP dan Mac client yg terhubung dari AP 1!
    klo AP 2,AP3 dia ndak bisa lihat IP dan MAC client yg terhubung ke AP2,AP3 karena udah dipisah melalui manageable switch .
    Di AP di set WDS apakah resource AP ndak terlalu berat gan...?

  14. #118
    Status
    Offline
    patrick's Avatar
    Newbie
    Join Date
    Jun 2010
    Posts
    60
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    punyaku AP sentral pake BM2 terus jumlah repeater nya 1 pake TP link 5210 jumlah client repeater 4 untuk kost cewek bos, ndak apa2 baik2 aja sampai sekarang aku ping ke server,ke DNS, sambil dimuatin beban aman2 aja ping latency ke server cuma 1 s/d 10 ms. total client di BM2 klo rame 10 client yg masuk di BM2.

  15. The Following User Says Thank You to patrick For This Useful Post:


  16. #119
    Status
    Offline
    ricky.romdhoni's Avatar
    Baru Gabung
    Join Date
    Apr 2012
    Posts
    3
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    misi gan ane perlu pencerahan nih..
    Disini ane pake RB750 sama AP DDWRT..
    ane eksperimen pake netcut nih buat jaringan ane
    waktu ane konfigurasi g pake autentikasi hotspot, bisa ane putus tuh jaringan..Click here to enlarge
    nah waktu ane konfigurasi autentikasi pake system hotspot, netcutnya g bisa buat mutus jaringannya.
    yang ane tanyain ke agan2 semua ini kok bisa gitu ya? ane coba cari kenapa netcut g mempan ke autentikasi hotspot, tp ga ada..
    Click here to enlarge
    mohon pencerahan gan

  17. #120
    Status
    Offline
    g_bLunk's Avatar
    Calon Member
    Join Date
    May 2012
    Location
    Bandung
    Posts
    83
    Reviews
    Read 0 Reviews
    Downloads
    5
    Uploads
    0
    Feedback Score
    0
    sekedar share,
    kalo ane pake filter rule di mikrotiknya,

    4 ;;; ANTI NETCUT
    chain=input action=add-src-to-address-list protocol=tcp address-list=DDOS
    address-list-timeout=15s dst-port=1337

    5 chain=input action=add-src-to-address-list protocol=tcp
    src-address-list=knock address-list=DDOS address-list-timeout=15m
    dst-port=7331

    6 ;;; Port scanners to list
    chain=input action=add-src-to-address-list protocol=tcp psd=21,3s,3,1
    address-list=port scanners address-list-timeout=2w

    7 ;;; SYN/FIN scan
    chain=input action=add-src-to-address-list tcp-flags=fin,syn protocol=tcp
    address-list=port scanners address-list-timeout=2w

    8 ;;; SYN/RST scan
    chain=input action=add-src-to-address-list tcp-flags=syn,rst protocol=tcp
    address-list=port scanners address-list-timeout=2w

    9 ;;; FIN/PSH/URG scan
    chain=input action=add-src-to-address-list
    tcp-flags=fin,psh,urg,!syn,!rst,!ack protocol=tcp
    address-list=port scanners address-list-timeout=2w

    10 ;;; ALL/ALL scan
    chain=input action=add-src-to-address-list
    tcp-flags=fin,syn,rst,psh,ack,urg protocol=tcp address-list=port scanners
    address-list-timeout=2w
    11 ;;; NMAP NULL scan
    chain=input action=add-src-to-address-list
    tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg protocol=tcp
    address-list=port scanners address-list-timeout=2w

    12 ;;; NMAP FIN Stealth scan
    chain=input action=add-src-to-address-list protocol=tcp
    address-list=port scanners address-list-timeout=2w

    13 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=61.213.183.1-61.213.183.254 dst-port=0-65535

    14 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=67.195.134.1-67.195.134.254 dst-port=0-65535

    15 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=68.142.233.1-68.142.233.254 dst-port=0-65535

    16 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=68.180.217.1-68.180.217.254 dst-port=0-65535

    17 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=203.84.204.1-203.84.204.254 dst-port=0-65535

    18 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=69.63.176.1-69.63.176.254 dst-port=0-65535

    19 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=69.63.181.1-69.63.181.254 dst-port=0-65535

    20 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=63.245.209.1-63.245.209.254 dst-port=0-65535

    21 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=63.245.213.1-63.245.213.254 dst-port=0-65535
    sampai saat ini pun lancar jaya gk ada tuh yang namanya netcut, udah ane testi di install di PC sendiri pun gak ada dampak apa2. Click here to enlarge
    Click here to enlarge
    CMIIW

 

 
Page 8 of 9 FirstFirst ... 6789 LastLast

Thread Information

Users Browsing this Thread

There are currently 5 users browsing this thread. (0 members and 5 guests)

Similar Threads

  1. cara blokir browsing nya aja
    By ud1geol in forum Beginner Basics
    Replies: 42
    Last Post: 12-06-2011, 15:09
  2. [HeLeP] Blokir MAC Address Basis HotSpot
    By Akangage in forum General Networking
    Replies: 15
    Last Post: 05-12-2010, 16:32
  3. (ASK) cara ngakalin blokir file extension tertentu?
    By manmalay in forum General Networking
    Replies: 13
    Last Post: 03-04-2009, 21:43
  4. [ASK] bagaimana blokir port2 tertentu ?
    By rendyka in forum General Networking
    Replies: 1
    Last Post: 30-03-2008, 12:15

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •