Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 1 of 3 123 LastLast
Results 1 to 15 of 31
  1. #1
    Status
    Offline
    c0nf's Avatar
    Contributor
    Join Date
    Jul 2007
    Location
    Bandung, Indonesia
    Posts
    1,816
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Firewall untuk block virus

    Gunakan rules di bawah dengan hati2, salah2 malah game online atau mungkin aplikasi internet anda akan di block oleh firewall ini

    Code:
    /ip firewall filter
    add chain=virus protocol=tcp dst-port=135-139 action=drop comment="Drop Blaster Worm"
    add chain=virus protocol=udp dst-port=135-139 action=drop comment="Drop Messenger Worm"
    add chain=virus protocol=tcp dst-port=445 action=drop comment="Drop Blaster Worm"
    add chain=virus protocol=udp dst-port=445 action=drop comment="Drop Blaster Worm"
    add chain=virus protocol=tcp dst-port=593 action=drop comment="________"
    add chain=virus protocol=tcp dst-port=1024-1030 action=drop comment="________"
    add chain=virus protocol=tcp dst-port=1080 action=drop comment="Drop MyDoom"
    add chain=virus protocol=tcp dst-port=1214 action=drop comment="________"
    add chain=virus protocol=tcp dst-port=1363 action=drop comment="ndm requester"
    add chain=virus protocol=tcp dst-port=1364 action=drop comment="ndm server"
    add chain=virus protocol=tcp dst-port=1368 action=drop comment="screen cast"
    add chain=virus protocol=tcp dst-port=1373 action=drop comment="hromgrafx"
    add chain=virus protocol=tcp dst-port=1377 action=drop comment="cichlid"
    add chain=virus protocol=tcp dst-port=1433-1434 action=drop comment="Worm"
    add chain=virus protocol=tcp dst-port=2745 action=drop comment="Bagle Virus"
    add chain=virus protocol=tcp dst-port=2283 action=drop comment="Drop Dumaru.Y"
    add chain=virus protocol=tcp dst-port=2535 action=drop comment="Drop Beagle"
    add chain=virus protocol=tcp dst-port=2745 action=drop comment="Drop Beagle.C-K"
    add chain=virus protocol=tcp dst-port=3127-3128 action=drop comment="Drop MyDoom"
    add chain=virus protocol=tcp dst-port=3410 action=drop comment="Drop Backdoor OptixPro"
    add chain=virus protocol=tcp dst-port=4444 action=drop comment="Worm"
    add chain=virus protocol=udp dst-port=4444 action=drop comment="Worm"
    add chain=virus protocol=tcp dst-port=5554 action=drop comment="Drop Sasser"
    add chain=virus protocol=tcp dst-port=8866 action=drop comment="Drop Beagle.B"
    add chain=virus protocol=tcp dst-port=9898 action=drop comment="Drop Dabber.A-B"
    add chain=virus protocol=tcp dst-port=10000 action=drop comment="Drop Dumaru.Y"
    add chain=virus protocol=tcp dst-port=10080 action=drop comment="Drop MyDoom.B"
    add chain=virus protocol=tcp dst-port=12345 action=drop comment="Drop NetBus"
    add chain=virus protocol=tcp dst-port=17300 action=drop comment="Drop Kuang2"
    add chain=virus protocol=tcp dst-port=27374 action=drop comment="Drop SubSeven"
    add chain=virus protocol=tcp dst-port=65506 action=drop comment="Drop PhatBot,Agobot, Gaobot"
    add chain=virus protocol=udp dst-port=12667 action=drop comment="Trinoo" disabled=no
    add chain=virus protocol=udp dst-port=27665 action=drop comment="Trinoo" disabled=no
    add chain=virus protocol=udp dst-port=31335 action=drop comment="Trinoo" disabled=no
    add chain=virus protocol=udp dst-port=27444 action=drop comment="Trinoo" disabled=no
    add chain=virus protocol=udp dst-port=34555 action=drop comment="Trinoo" disabled=no
    add chain=virus protocol=udp dst-port=35555 action=drop comment="Trinoo" disabled=no
    add chain=virus protocol=tcp dst-port=27444 action=drop comment="Trinoo" disabled=no
    add chain=virus protocol=tcp dst-port=27665 action=drop comment="Trinoo" disabled=no
    add chain=virus protocol=tcp dst-port=31335 action=drop comment="Trinoo" disabled=no
    add chain=virus protocol=tcp dst-port=31846 action=drop comment="Trinoo" disabled=no
    add chain=virus protocol=tcp dst-port=34555 action=drop comment="Trinoo" disabled=no
    add chain=virus protocol=tcp dst-port=35555 action=drop comment="Trinoo" disabled=no

    Code:
    add action=drop chain=forward comment=";;Block W32.Kido - Conficker" disabled=no protocol=udp src-port=135-139,445
    add action=drop chain=forward comment="" disabled=no dst-port=135-139,445 protocol=udp
    add action=drop chain=forward comment="" disabled=no protocol=tcp src-port=135-139,445,593
    add action=drop chain=forward comment="" disabled=no dst-port=135-139,445,593 protocol=tcp
    chain di atas merupakan salah satu alternatif untuk membatasi penyebaran virus kido/conficker yang walaupun sudah menunjukkan tanda2 penurunan aktivitasnya, tapi sampai sekarang masih merajalela di seluruh dunia.

  2. #2
    Status
    Offline
    iporthub212's Avatar
    Baru Gabung
    Join Date
    Oct 2011
    Location
    kal-bar
    Posts
    5
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    mf master... tlg bantuin saya donk.Click here to enlarge!! saya pusing banget nie ama yang namanya GENERIC HOST PROCESS FOR WIN32 SERVICE (virus kali ya..) capek banget di buatnyaClick here to enlarge. please ya master bantuin ane pake RB 750, ane newbe banget ni...Click here to enlargeClick here to enlarge

  3. #3
    Status
    Offline
    sickofme's Avatar
    Baru Gabung
    Join Date
    Jul 2007
    Posts
    8
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    tanya

    master, numpang nanya dung.

    Firewal diatas untuk block port dari LAN atau dari WAN ?

    dengan kata lain apakah artinya Firewall akan block port yang berasal dari komputer client dalam LAN yang terkena virus kemudian broadcast ke port virus tertentu dan di blok oleh Firewall sebelum keluar dr gateway,

    atau kah

    serangan dari WAN yang mau masuk ke LAN ?

    mohon pencerahan,

    thanks,

  4. #4
    Status
    Offline
    rahwana's Avatar
    Forum Guru
    Join Date
    Nov 2007
    Location
    Sidoarjo, Jawa Timur, Indonesia, Indonesia
    Posts
    1,338
    Reviews
    Read 0 Reviews
    Downloads
    2
    Uploads
    0
    Feedback Score
    0
    rata2 firewall ini menunjuk pada filter port tujuan sekian. Jadi mau datang dari LAN atau WAN, asal menuju port sekian tadi akan di blok.
    Jadi kalau komputer LAN sudah terkena virus, maka virus itu tidak akan sampai ke internet karena di blok dari firewall mikrotik kita.
    Tapi apakah virus itu tidak bisa masuk ke LAN kita dari luar? BISA! karena virus biasanya masuk melalui email atau file download atau website tertentu. Jadi cara menahan virus paling efektif adalah dengan antivirus. Tapi cara membantu agar internet tidak diserang virus adalah dengan memblokir mikrotik kita agar tidak 'menyerang' ke luar dengan pasang firewall.