Login

Esqueci minha senha

lateral
Estatísticas
Temos 29309 usuários registrados
O último usuário registrado atende pelo nome de hg3la

Os nossos membros postaram um total de 37322 mensagens em 5571 assuntos

Varias regras para nao pegar virus no mikrotik

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Varias regras para nao pegar virus no mikrotik

Mensagem por jackfukuta em Ter 5 Jun - 13:49

Espero que ajude alguns aqui.

Tenho todas essas regras e todas funcionando normal.
Tem umas que sao para portas.

/ip firewall filter
add action=jump chain=input comment="REPASA TRAFICO PARA CANAL VIRUS" \
disabled=no jump-target=VIRUS
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=reject chain=forward comment="" disabled=no p2p=all-p2p \
reject-with=icmp-network-unreachable
add action=accept chain=input comment="AceptA EL winbox" disabled=no \
dst-port=8291 protocol=tcp
add action=drop chain=input comment="BLOQUEA SCAN POR WINBOX" disabled=no \
dst-port=5678 protocol=udp
add action=jump chain=input comment=\
"REPASA TRAFICO PARA VERIFICion DE PUERTOS" disabled=no jump-target=\
"P2P E PORTAS"
add action=jump chain=forward comment="" disabled=no jump-target=VIRUS
add action=jump chain=input comment="BLOQUEO DE IPS BOGONS" disabled=no \
jump-target=BOGONS
add action=jump chain=forward comment="" disabled=no jump-target=BOGONS
add action=accept chain=input comment="ACEPTA CONEXIONES NUEVAS" \
connection-state=new disabled=no
add action=accept chain="P2P PUERTOS" comment="PUERTOS DE P2P ////////////////\
//////////////////////////////////////////////////////////////////////////\
//////////////////////////////////////////////////////" disabled=yes \
dst-port=6346-6349 protocol=tcp
add action=accept chain=forward comment="" connection-state=new disabled=no
add action=accept chain=input comment="ACEPTA CONEXIONES ESTABELECIDAS" \
connection-state=established disabled=no
add action=accept chain=forward comment="" connection-state=established \
disabled=no
add action=accept chain=input comment="ACEPTA CONEXIONES RELACIONADAS" \
connection-state=related disabled=no
add action=accept chain=forward comment="" connection-state=related disabled=\
no
add action=accept chain="P2P E PORTAS" comment=FTP disabled=no dst-port=21 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="OUTLOOK EXPRESS" disabled=no \
dst-port=110 protocol=tcp
add action=accept chain="P2P E PORTAS" comment=DNS disabled=no dst-port=53 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment=E-MAIL disabled=no dst-port=25 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="portas do ITR" disabled=no \
dst-port=5636 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=5636 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=5653 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=5653 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=3456 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="Autenticacion de MSN" \
disabled=no dst-port=1863 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=1080 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=1853 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment=skipe disabled=no dst-port=\
30369 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="PORTAS DO KAZAA" disabled=no \
dst-port=1214 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="PORTAS DO E-MULE" disabled=\
yes dst-port=4662 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=4662 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=\
6346-6348 protocol=udp
add action=accept chain="P2P E PORTAS" comment="PORTAS DO BITTORRENT" \
disabled=no dst-port=6881-6889 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=\
6881-6889 protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=1214 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="PORTAS RANDON DO BIT TORRENT" \
disabled=yes dst-port=57792 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=yes dst-port=57792 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="porta servidor CS" disabled=\
no dst-port=27015 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27015 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27017 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27017 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27018 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27018 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27019 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27019 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27060 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27060 \
protocol=udp
add action=drop chain="P2P E PORTAS" comment="BLOQUEA NETBIOS TCP" disabled=\
no dst-port=137-139 protocol=tcp src-port=137-139
add action=drop chain="P2P E PORTAS" comment="" disabled=no dst-port=445 \
protocol=tcp src-port=445
add action=drop chain="P2P E PORTAS" comment="BLOQUEA NETBIOS UDP" disabled=\
no dst-port=137-139 protocol=udp src-port=137-139
add action=drop chain="P2P E PORTAS" comment="" disabled=no dst-port=445 \
protocol=udp src-port=445
add action=accept chain="P2P E PORTAS" comment="ALL P2P" disabled=yes p2p=\
all-p2p
add action=drop chain=VIRUS comment="LISTA DE VIRUS///////////////////////////\
//////////////////////////////////////////////////////////////////////////\
////////////////////////////////////////////////////" disabled=no \
protocol=tcp src-port=445
add action=drop chain=VIRUS comment="" disabled=no dst-port=445 protocol=tcp
add action=drop chain=VIRUS comment="Drop Blaster Worm" disabled=no protocol=\
udp src-port=445
add action=drop chain=VIRUS comment="Drop Blaster Worm" disabled=no dst-port=\
445 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no protocol=tcp src-port=\
135-139
add action=drop chain=VIRUS comment="" disabled=no protocol=udp src-port=\
135-139
add action=drop chain=VIRUS comment="" disabled=no dst-port=135-139 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=135-139 protocol=\
udp
add action=drop chain=VIRUS comment=________ disabled=no dst-port=593 \
protocol=tcp
add action=drop chain=VIRUS comment=________ disabled=no dst-port=1024-1030 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop MyDoom" disabled=no dst-port=1080 \
protocol=tcp
add action=drop chain=VIRUS comment=________ disabled=no dst-port=1214 \
protocol=tcp
add action=drop chain=VIRUS comment="ndm requester" disabled=no dst-port=1363 \
protocol=tcp
add action=drop chain=VIRUS comment="ndm server" disabled=no dst-port=1364 \
protocol=tcp
add action=drop chain=VIRUS comment="screen cast" disabled=no dst-port=1368 \
protocol=tcp
add action=drop chain=VIRUS comment=hromgrafx disabled=no dst-port=1373 \
protocol=tcp
add action=drop chain=VIRUS comment=cichlid disabled=no dst-port=1377 \
protocol=tcp
add action=drop chain=VIRUS comment=Worm disabled=no dst-port=1433-1434 \
protocol=tcp
add action=drop chain=VIRUS comment="Bagle VIRUS" disabled=no dst-port=2745 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop Dumaru.Y" disabled=no dst-port=2283 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop Beagle" disabled=no dst-port=2535 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop Beagle.C-K" disabled=no dst-port=\
2745 protocol=tcp
add action=drop chain=VIRUS comment="Drop MyDoom" disabled=no dst-port=3127 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop Backdoor OptixPro" disabled=no \
dst-port=3410 protocol=tcp
add action=drop chain=VIRUS comment=Worm disabled=no dst-port=4444 protocol=\
tcp
add action=drop chain=VIRUS comment=Worm disabled=no dst-port=4444 protocol=\
udp
add action=drop chain=VIRUS comment="Drop Sasser" disabled=no dst-port=5554 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop Beagle.B" disabled=no dst-port=8866 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop Dabber.A-B" disabled=no dst-port=\
9898 protocol=tcp
add action=drop chain=VIRUS comment="Drop Dumaru.Y" disabled=no dst-port=\
10000 protocol=tcp
add action=drop chain=VIRUS comment="Drop MyDoom.B" disabled=no dst-port=\
10080 protocol=tcp
add action=drop chain=VIRUS comment="Drop NetBus" disabled=no dst-port=12345 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop Kuang2" disabled=no dst-port=17300 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop SubSeven" disabled=no dst-port=\
27374 protocol=tcp
add action=drop chain=VIRUS comment="Drop PhatBot, Agobot, Gaobot" disabled=\
no dst-port=65506 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=513 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=513 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=525 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=525 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=568-569 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=568-569 protocol=\
udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1512 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1512 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=396 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=396 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1366 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1366 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1416 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1416 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=201-209 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=201-209 protocol=\
udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=545 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=545 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1381 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1381 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=3031 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=3031 protocol=udp
add action=drop chain=VIRUS comment="2000 cracks" disabled=no dst-port=6776 \
protocol=tcp
add action=drop chain=VIRUS comment="Acid Battery" disabled=no dst-port=32418 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=2000 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=52317 protocol=\
tcp
add action=drop chain=VIRUS comment="Acid Shivers" disabled=no dst-port=10520 \
protocol=tcp
add action=drop chain=VIRUS comment="Agent 31" disabled=no dst-port=31 \
protocol=tcp
add action=drop chain=VIRUS comment="Agent 40421" disabled=no dst-port=40421 \
protocol=tcp
add action=drop chain=VIRUS comment="Aim Spy" disabled=no dst-port=777 \
protocol=tcp
add action=drop chain=VIRUS comment=Ambush disabled=no dst-port=10666 \
protocol=tcp
add action=drop chain=VIRUS comment="AOL Trojan" disabled=no dst-port=30029 \
protocol=tcp
add action=drop chain=VIRUS comment="Attack FTP" disabled=no dst-port=666 \
protocol=tcp
add action=drop chain=VIRUS comment="Back Construction" disabled=no dst-port=\
5400-5401 protocol=tcp
add action=drop chain=VIRUS comment="Back Door Setup" disabled=no dst-port=\
5000-5001 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=7789 protocol=tcp
add action=drop chain=VIRUS comment="Back Orifice" disabled=no dst-port=\
31337-31338 protocol=tcp
add action=drop chain=VIRUS comment="Back Orifice 2000" disabled=no dst-port=\
54320-54321 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=8787 protocol=tcp
add action=drop chain=VIRUS comment="Back Orifice DLL" disabled=no dst-port=\
1349 protocol=udp
add action=drop chain=VIRUS comment=BackDoor disabled=no dst-port=1999 \
protocol=tcp
add action=drop chain=VIRUS comment=BackDoor-G disabled=no dst-port=1243 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=6776 protocol=tcp
add action=drop chain=VIRUS comment=BackDoor-QE disabled=no dst-port=10452 \
protocol=tcp
add action=drop chain=VIRUS comment=BackDoor-QO disabled=no dst-port=3332 \
protocol=tcp
add action=drop chain=VIRUS comment=BackDoor-QR disabled=no dst-port=\
12973-12975 protocol=tcp
add action=drop chain=VIRUS comment=BackFire disabled=no dst-port=31337 \
protocol=tcp
add action=drop chain=VIRUS comment="Baron Night" disabled=no dst-port=31337 \
protocol=tcp
add action=drop chain=VIRUS comment="Big Gluck (TN)" disabled=no dst-port=\
34324 protocol=tcp
add action=drop chain=VIRUS comment=BioNet disabled=no dst-port=12349 \
protocol=tcp
add action=drop chain=VIRUS comment=Bla disabled=no dst-port=1042 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=20331 protocol=\
tcp
add action=drop chain=VIRUS comment="Blade Runner" disabled=no dst-port=\
5400-5402 protocol=tcp
add action=drop chain=VIRUS comment="BO client" disabled=no dst-port=31337 \
protocol=tcp
add action=drop chain=VIRUS comment="BO Facil" disabled=no dst-port=5556-5557 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=31337 protocol=\
tcp
add action=drop chain=VIRUS comment="Bo Wack" disabled=no dst-port=31336 \
protocol=tcp
add action=drop chain=VIRUS comment=BoBo disabled=no dst-port=4321 protocol=\
tcp
add action=drop chain=VIRUS comment="BOWhack " disabled=no dst-port=31666 \
protocol=tcp
add action=drop chain=VIRUS comment="BrainSpy " disabled=no dst-port=10101 \
protocol=tcp
add action=drop chain=VIRUS comment=Bubbel disabled=no dst-port=5000 \
protocol=tcp
add action=drop chain=VIRUS comment=BugBear disabled=no dst-port=36794 \
protocol=tcp
add action=drop chain=VIRUS comment=Bugs disabled=no dst-port=2115 protocol=\
tcp
add action=drop chain=VIRUS comment=Bunker-Hill disabled=no dst-port=61348 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=61603 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=63485 protocol=\
tcp
add action=drop chain=VIRUS comment="Cain e Abel" disabled=no dst-port=666 \
protocol=tcp
add action=drop chain=VIRUS comment=Chargen disabled=no dst-port=9 protocol=\
udp
add action=drop chain=VIRUS comment=Chupacabra disabled=no dst-port=20203 \
protocol=tcp
add action=drop chain=VIRUS comment=Coma disabled=no dst-port=10607 protocol=\
tcp
add action=drop chain=VIRUS comment="Cyber Attacker" disabled=no dst-port=\
9876 protocol=tcp
add action=drop chain=VIRUS comment="Dark Shadow " disabled=no dst-port=911 \
protocol=tcp
add action=drop chain=VIRUS comment=Death disabled=no dst-port=2 protocol=tcp
add action=drop chain=VIRUS comment="Deep Back Orifice" disabled=no dst-port=\
31338 protocol=tcp
add action=drop chain=VIRUS comment="Deep Throat" disabled=no dst-port=41 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=2140 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=3150 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=6771 protocol=tcp
add action=drop chain=VIRUS comment="Deep Throat v2" disabled=no dst-port=\
6670 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=6711 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=60000 protocol=\
tcp
add action=drop chain=VIRUS comment="Deep Throat v3" disabled=no dst-port=\
6674 protocol=tcp
add action=drop chain=VIRUS comment=DeepBO disabled=no dst-port=31337 \
protocol=udp
add action=drop chain=VIRUS comment=DeepThroat disabled=no dst-port=999 \
protocol=tcp
add action=drop chain=VIRUS comment="Delta Source" disabled=no dst-port=26274 \
protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=47262 protocol=\
udp
add action=drop chain=VIRUS comment="Der Spacher 3" disabled=no dst-port=\
1000-1001 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=2000-2001 \
protocol=tcp
add action=drop chain=VIRUS comment=Devil disabled=no dst-port=65000 \
protocol=tcp
add action=drop chain=VIRUS comment="Digital RootBeer" disabled=no dst-port=\
2600 protocol=tcp
add action=drop chain=VIRUS comment="DMsetup " disabled=no dst-port=58-59 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1010-1012 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1015 protocol=tcp
add action=drop chain=VIRUS comment="Donald Dick" disabled=no dst-port=\
23476-23477 protocol=tcp
add action=drop chain=VIRUS comment=DRAT disabled=no dst-port=48 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=50 protocol=tcp
add action=drop chain=VIRUS comment="DUN Control" disabled=no dst-port=12623 \
protocol=udp
add action=drop chain=VIRUS comment=Eclipse disabled=no dst-port=2000 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=3459 protocol=tcp
add action=drop chain=VIRUS comment=Eclypse disabled=no dst-port=3801 \
protocol=udp
add action=drop chain=VIRUS comment="Evil FTP" disabled=no dst-port=23456 \
protocol=tcp
add action=drop chain=VIRUS comment="File Nail" disabled=no dst-port=4567 \
protocol=tcp
add action=drop chain=VIRUS comment=Firehotcker disabled=no dst-port=79 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=5321 protocol=tcp
add action=drop chain=VIRUS comment=Fore disabled=no dst-port=50766 protocol=\
tcp
add action=drop chain=VIRUS comment=FTP99cmp disabled=no dst-port=1492 \
protocol=tcp
add action=drop chain=VIRUS comment="Gaban Bus" disabled=no dst-port=\
12345-12346 protocol=tcp
add action=drop chain=VIRUS comment="Gate Crasher" disabled=no dst-port=\
6969-6970 protocol=tcp
add action=drop chain=VIRUS comment="GirlFriend " disabled=no dst-port=21554 \
protocol=tcp
add action=drop chain=VIRUS comment=Gjamer disabled=no dst-port=12076 \
protocol=tcp
add action=drop chain=VIRUS comment="Hack '99 KeyLogger" disabled=no \
dst-port=12223 protocol=tcp
add action=drop chain=VIRUS comment="Hack 'a' Tack" disabled=no dst-port=\
31780-31785 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=31787-31789 \
protocol=tcp
add action=drop chain=VIRUS comment="Hack 'a' Tack" disabled=no dst-port=\
31791-31792 protocol=udp
add action=drop chain=VIRUS comment="HackCity Ripper Pro" disabled=no \
dst-port=2023 protocol=tcp
add action=drop chain=VIRUS comment="Hackers Paradise " disabled=no dst-port=\
31 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=456 protocol=tcp
add action=drop chain=VIRUS comment=HackOffice disabled=no dst-port=8897 \
protocol=tcp
add action=drop chain=VIRUS comment="Happy 99" disabled=no dst-port=119 \
protocol=tcp
add action=drop chain=VIRUS comment="Hidden Port" disabled=no dst-port=99 \
protocol=tcp
add action=drop chain=VIRUS comment="Host Control " disabled=no dst-port=6669 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=11050 protocol=\
tcp
add action=drop chain=VIRUS comment="HVL Rat5" disabled=no dst-port=2283 \
protocol=tcp
add action=drop chain=VIRUS comment=icKiller disabled=no dst-port=7789 \
protocol=tcp
add action=drop chain=VIRUS comment=\
"ICQ (ICQ.com - community, people search and messaging service!)" \
disabled=no dst-port=1027-1029 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1032 protocol=tcp
add action=drop chain=VIRUS comment="ICQ Revenge" disabled=no dst-port=16772 \
protocol=tcp
add action=drop chain=VIRUS comment="ICQ Revenge" disabled=no dst-port=19864 \
protocol=tcp
add action=drop chain=VIRUS comment="ICQ Trojan" disabled=no dst-port=4590 \
protocol=tcp
add action=drop chain=VIRUS comment="Illusion Mailer" disabled=no dst-port=\
2155 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=5512 protocol=tcp
add action=drop chain=VIRUS comment=InCommand disabled=no dst-port=9400 \
protocol=tcp
add action=drop chain=VIRUS comment=Indoctrination disabled=no dst-port=6939 \
protocol=tcp
add action=drop chain=VIRUS comment=Infector disabled=no dst-port=146 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=146 protocol=udp
add action=drop chain=VIRUS comment=iNi-Killer disabled=no dst-port=555 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=9989 protocol=tcp
add action=drop chain=VIRUS comment="Insane Network" disabled=no dst-port=\
2000 protocol=tcp
add action=drop chain=VIRUS comment=IRC-3 disabled=no dst-port=6969 protocol=\
tcp
add action=drop chain=VIRUS comment=JammerKillah disabled=no dst-port=121 \
protocol=tcp
add action=drop chain=VIRUS comment=Kazimas disabled=no dst-port=113 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=7000 protocol=tcp
add action=drop chain=VIRUS comment="Kuang2 " disabled=no dst-port=17300 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=30999 protocol=\
tcp
add action=drop chain=VIRUS comment=Logged disabled=no dst-port=20203 \
protocol=tcp
add action=drop chain=VIRUS comment="Masters' Paradise" disabled=no dst-port=\
3129 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=40421-40423 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=40425-40426 \
protocol=tcp
add action=drop chain=VIRUS comment="Mavericks Matrix" disabled=no dst-port=\
1269 protocol=tcp
add action=drop chain=VIRUS comment=Millenium disabled=no dst-port=\
20000-20001 protocol=tcp
add action=drop chain=VIRUS comment=MiniCommand disabled=no dst-port=1050 \
protocol=tcp
add action=drop chain=VIRUS comment=Mosucker disabled=no dst-port=16484 \
protocol=tcp
add action=drop chain=VIRUS comment=Nephron disabled=no dst-port=17777 \
protocol=tcp
add action=drop chain=VIRUS comment="Net Controller" disabled=no dst-port=123 \
protocol=tcp
add action=drop chain=VIRUS comment="Netbios datagram (DoS Attack)" disabled=\
no dst-port=138 protocol=tcp
add action=drop chain=VIRUS comment="Netbios name (DoS Attack)" disabled=no \
dst-port=137 protocol=tcp
add action=drop chain=VIRUS comment="Netbios session (DoS Attack)" disabled=\
no dst-port=139 protocol=tcp
add action=drop chain=VIRUS comment="NetBus Pro" disabled=no dst-port=20034 \
protocol=tcp
add action=drop chain=VIRUS comment=NetMetropolitan disabled=no dst-port=5031 \
protocol=tcp
add action=drop chain=VIRUS comment=NetMonitor disabled=no dst-port=7300-7301 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=7306-7308 \
protocol=tcp
add action=drop chain=VIRUS comment=NetRaider disabled=no dst-port=57341 \
protocol=tcp
add action=drop chain=VIRUS comment=NETrojan disabled=no dst-port=1313 \
protocol=tcp
add action=drop chain=VIRUS comment=NetSphere disabled=no dst-port=\
30100-30103 protocol=tcp
add action=drop chain=VIRUS comment=NetSpy disabled=no dst-port=1024-1033 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=31338-31339 \
protocol=tcp
add action=drop chain=VIRUS comment=NoBackO disabled=no dst-port=1200-1201 \
protocol=udp
add action=drop chain=VIRUS comment="One of the Last Trojan (OOTLT)" \
disabled=no dst-port=5011 protocol=tcp
add action=drop chain=VIRUS comment="OpC BO" disabled=no dst-port=1969 \
protocol=tcp
add action=drop chain=VIRUS comment="PC Crasher" disabled=no dst-port=\
5637-5638 protocol=tcp
add action=drop chain=VIRUS comment="Phineas Phucker" disabled=no dst-port=\
2801 protocol=tcp
add action=drop chain=VIRUS comment="Portal of Doom" disabled=no dst-port=\
9872-9875 protocol=tcp
add action=drop chain=VIRUS comment="Portal of Doom" disabled=no dst-port=\
10067 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=10167 protocol=\
udp
add action=drop chain=VIRUS comment=Priority disabled=no dst-port=16969 \
protocol=tcp
add action=drop chain=VIRUS comment=Progenic disabled=no dst-port=11223 \
protocol=tcp
add action=drop chain=VIRUS comment=Prosiak disabled=no dst-port=22222 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=33333 protocol=\
tcp
add action=drop chain=VIRUS comment="Psyber Stream Server" disabled=no \
dst-port=1170 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1509 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=4000 protocol=tcp
add action=drop chain=VIRUS comment=Rasmin disabled=no dst-port=531 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1045 protocol=tcp
add action=drop chain=VIRUS comment=RAT disabled=no dst-port=1095 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1097-1099 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=2989 protocol=tcp
add action=drop chain=VIRUS comment=RC disabled=no dst-port=65535 protocol=\
tcp
add action=drop chain=VIRUS comment=Rcon disabled=no dst-port=8989 protocol=\
tcp
add action=drop chain=VIRUS comment="Remote Grab" disabled=no dst-port=7000 \
protocol=tcp
add action=drop chain=VIRUS comment="Remote Windows Shutdown" disabled=no \
dst-port=53001 protocol=tcp
add action=drop chain=VIRUS comment=Robo-Hack disabled=no dst-port=5596 \
protocol=tcp
add action=drop chain=VIRUS comment="Satanz backDoor" disabled=no dst-port=\
666 protocol=tcp
add action=drop chain=VIRUS comment=ScheduleAgent disabled=no dst-port=6667 \
protocol=tcp
add action=drop chain=VIRUS comment="School Bus" disabled=no dst-port=54321 \
protocol=tcp
add action=drop chain=VIRUS comment=Schwindler disabled=no dst-port=21554 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=50766 protocol=\
tcp
add action=drop chain=VIRUS comment="Secret Agent " disabled=no dst-port=\
11223 protocol=tcp
add action=drop chain=VIRUS comment="Secret Service" disabled=no dst-port=605 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=6272 protocol=tcp
add action=drop chain=VIRUS comment="Senna Spy FTP Server" disabled=yes \
dst-port=11000 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=13000 protocol=\
tcp
add action=drop chain=VIRUS comment=ServeMe disabled=no dst-port=5555 \
protocol=tcp
add action=drop chain=VIRUS comment="Shit Heep" disabled=no dst-port=6912 \
protocol=tcp
add action=drop chain=VIRUS comment=ShockRave disabled=no dst-port=1981 \
protocol=tcp
add action=drop chain=VIRUS comment=Sivka-Burka disabled=no dst-port=1600 \
protocol=tcp
add action=drop chain=VIRUS comment="SK Silencer" disabled=no dst-port=1001 \
protocol=tcp
add action=drop chain=VIRUS comment=Socket25 disabled=no dst-port=30303 \
protocol=tcp
add action=drop chain=VIRUS comment="Sockets de Troie" disabled=no dst-port=\
5000-5001 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=50505 protocol=\
tcp
add action=drop chain=VIRUS comment=SoftWAR disabled=no dst-port=1207 \
protocol=tcp
add action=drop chain=VIRUS comment="Spirit 2001a " disabled=no dst-port=\
33911 protocol=tcp
add action=drop chain=VIRUS comment=SpySender disabled=no dst-port=1807 \
protocol=tcp
add action=drop chain=VIRUS comment="Streaming Audio trojan" disabled=no \
dst-port=1170 protocol=tcp
add action=drop chain=VIRUS comment=Striker disabled=no dst-port=2565 \
protocol=tcp
add action=drop chain=VIRUS comment=SubSeven disabled=no dst-port=1243 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=2773 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=6711-6713 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=6776 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=7215 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=27374 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=27573 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=54283 protocol=\
tcp
add action=drop chain=VIRUS comment="SubSeven Apocalypse" disabled=no \
dst-port=1243 protocol=tcp
add action=drop chain=VIRUS comment=Syphillis disabled=no dst-port=10086 \
protocol=tcp
add action=drop chain=VIRUS comment="TCP Wrappers" disabled=no dst-port=421 \
protocol=tcp
add action=drop chain=VIRUS comment=TeleCommando disabled=no dst-port=61466 \
protocol=tcp
add action=drop chain=VIRUS comment="The Invasor" disabled=no dst-port=2140 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=3150 protocol=tcp
add action=drop chain=VIRUS comment="The Prayer" disabled=no dst-port=2716 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=9999 protocol=tcp
add action=drop chain=VIRUS comment="The Spy" disabled=no dst-port=40412 \
protocol=tcp
add action=drop chain=VIRUS comment="The Thing" disabled=no dst-port=6000 \
protocol=tcp
add action=drop chain=VIRUS comment="The Thing" disabled=no dst-port=6400 \
protocol=tcp
add action=drop chain=VIRUS comment="The Traitor" disabled=no dst-port=65432 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=65432 protocol=\
udp
add action=drop chain=VIRUS comment="The Trojan Cow" disabled=no dst-port=\
2001 protocol=tcp
add action=drop chain=VIRUS comment="The Unexplained" disabled=no dst-port=\
29891 protocol=udp
add action=drop chain=VIRUS comment="Tiny Telnet Server" disabled=no \
dst-port=34324 protocol=tcp
add action=drop chain=VIRUS comment=TransScout disabled=no dst-port=1999-2005 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=9878 protocol=tcp
add action=drop chain=VIRUS comment=Trinoo disabled=no dst-port=34555 \
protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=35555 protocol=\
udp
add action=drop chain=VIRUS comment="Ugly FTP" disabled=no dst-port=23456 \
protocol=tcp
add action=drop chain=VIRUS comment="Ultor's Trojan" disabled=no dst-port=\
1234 protocol=tcp
add action=drop chain=VIRUS comment=Vampire disabled=no dst-port=1020 \
protocol=tcp
add action=drop chain=VIRUS comment="Vampyre " disabled=no dst-port=6669 \
protocol=tcp
add action=drop chain=VIRUS comment="Virtual Hacking Machine " disabled=no \
dst-port=4242 protocol=tcp
add action=drop chain=VIRUS comment=Voice disabled=no dst-port=1170 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=4000 protocol=tcp
add action=drop chain=VIRUS comment="Voodoo Doll" disabled=no dst-port=1245 \
protocol=tcp
add action=drop chain=VIRUS comment="Wack-a-mole " disabled=no dst-port=\
12361-12362 protocol=tcp
add action=drop chain=VIRUS comment="Web Ex" disabled=no dst-port=1001 \
protocol=tcp
add action=drop chain=VIRUS comment=WhackJob disabled=no dst-port=12631 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=23456 protocol=\
tcp
add action=drop chain=VIRUS comment=WinHole disabled=no dst-port=1080-1082 \
protocol=tcp
add action=drop chain=VIRUS comment=Xplorer disabled=no dst-port=2300 \
protocol=tcp
add action=drop chain=VIRUS comment=Xtcp disabled=no dst-port=5550 protocol=\
tcp
add action=drop chain=VIRUS comment=YAT disabled=no dst-port=37651 protocol=\
tcp
add action=drop chain=BOGONS comment="BLOQUEIO DE IPS BOGONS//////////////////\
//////////////////////////////////////////////////////////////////////////\
/////////////////////////////////////////////////" disabled=no \
src-address=0.0.0.0/8
add action=drop chain=BOGONS comment="" disabled=no dst-address=0.0.0.0/8
add action=drop chain=BOGONS comment="" disabled=no src-address=127.0.0.0/8
add action=drop chain=BOGONS comment="" disabled=no dst-address=127.0.0.0/8
add action=drop chain=BOGONS comment="" disabled=no src-address=224.0.0.0/3
add action=drop chain=BOGONS comment="" disabled=no dst-address=224.0.0.0/3
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="Port scanners to list " \
disabled=no protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="NMAP FIN Stealth scan" \
disabled=no protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="SYN/FIN scan" disabled=no \
protocol=tcp tcp-flags=fin,syn
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="SYN/RST scan" disabled=no \
protocol=tcp tcp-flags=syn,rst
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="FIN/PSH/URG scan" disabled=\
no protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="ALL/ALL scan" disabled=no \
protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="NMAP NULL scan" disabled=no \
protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
add action=drop chain=input comment="dropping port scanners" disabled=no \
src-address-list="port scanners"
add action=drop chain=forward comment="BLOCK SPAMMERS OR INFECTED USERS" \
disabled=no dst-port=25 protocol=tcp src-address-list=spammer
add action=add-src-to-address-list address-list=spammer address-list-timeout=\
1d chain=forward comment="Detect and add-list SMTP virus or spammers" \
connection-limit=30,32 disabled=no dst-port=25 limit=50,5 protocol=tcp


lol!

jackfukuta
Iniciante
Iniciante

Mensagens : 75
Pontos : 127
Reputação : 6
Data de inscrição : 19/06/2011
Idade : 28
Localização Localização : Guaraci

Voltar ao Topo Ir em baixo

Re: Varias regras para nao pegar virus no mikrotik

Mensagem por vagalume123 em Qua 6 Jun - 10:14

testando..

vagalume123
Advance user
Advance user

Mensagens : 218
Pontos : 397
Reputação : 7
Data de inscrição : 25/06/2011
Idade : 38
Localização Localização : casa

Voltar ao Topo Ir em baixo

Re: Varias regras para nao pegar virus no mikrotik

Mensagem por cristiano.micros em Qua 6 Jun - 12:03

essas regras nao bloqueia virus nao existi milhoes de virus com sabe que bloquea mesmo
e explica para cada uma serve

__________________________________________________
A cópia é um dos métodos de aprendizado mas quem só copia não aprende study

Trevizam Network Consultoria

Parceiro BM Software | Consultoria e Revenda Thundercache PRO

visite nossa pagina [Você precisa estar registrado e conectado para ver este link.]

[Você precisa estar registrado e conectado para ver este link.]

[Você precisa estar registrado e conectado para ver este link.]

11 96380-8759 (VIVO) 11 98606-5675 (TIM)

cristiano.micros
Power User
Power User

Mensagens : 1185
Pontos : 1440
Reputação : 233
Data de inscrição : 27/11/2010
Idade : 27
Localização Localização : suzano

http://www.trevizamnetwork.com.br

Voltar ao Topo Ir em baixo

Re: Varias regras para nao pegar virus no mikrotik

Mensagem por vagalume123 em Qua 6 Jun - 16:10

coloquei aqui travou tudo...to tirando

vagalume123
Advance user
Advance user

Mensagens : 218
Pontos : 397
Reputação : 7
Data de inscrição : 25/06/2011
Idade : 38
Localização Localização : casa

Voltar ao Topo Ir em baixo

Re: Varias regras para nao pegar virus no mikrotik

Mensagem por diassis45 em Qua 6 Jun - 20:11

isso funciona mesmo?

diassis45
Advance user
Advance user

Mensagens : 267
Pontos : 381
Reputação : 36
Data de inscrição : 12/11/2011
Idade : 30
Localização Localização : Planaltina-DF

http://routeros.forumpramim.net

Voltar ao Topo Ir em baixo

Re: Varias regras para nao pegar virus no mikrotik

Mensagem por Conteúdo patrocinado Hoje à(s) 7:45


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum