Login

Esqueci minha senha

lateral
Estatísticas
Temos 29489 usuários registrados
O último usuário registrado atende pelo nome de gideoni a. souza

Os nossos membros postaram um total de 37367 mensagens em 5586 assuntos

Varias regras para nao pegar virus no mikrotik

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Varias regras para nao pegar virus no mikrotik

Mensagem por jackfukuta em Ter 5 Jun - 13:49

Espero que ajude alguns aqui.

Tenho todas essas regras e todas funcionando normal.
Tem umas que sao para portas.

/ip firewall filter
add action=jump chain=input comment="REPASA TRAFICO PARA CANAL VIRUS" \
disabled=no jump-target=VIRUS
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=reject chain=forward comment="" disabled=no p2p=all-p2p \
reject-with=icmp-network-unreachable
add action=accept chain=input comment="AceptA EL winbox" disabled=no \
dst-port=8291 protocol=tcp
add action=drop chain=input comment="BLOQUEA SCAN POR WINBOX" disabled=no \
dst-port=5678 protocol=udp
add action=jump chain=input comment=\
"REPASA TRAFICO PARA VERIFICion DE PUERTOS" disabled=no jump-target=\
"P2P E PORTAS"
add action=jump chain=forward comment="" disabled=no jump-target=VIRUS
add action=jump chain=input comment="BLOQUEO DE IPS BOGONS" disabled=no \
jump-target=BOGONS
add action=jump chain=forward comment="" disabled=no jump-target=BOGONS
add action=accept chain=input comment="ACEPTA CONEXIONES NUEVAS" \
connection-state=new disabled=no
add action=accept chain="P2P PUERTOS" comment="PUERTOS DE P2P ////////////////\
//////////////////////////////////////////////////////////////////////////\
//////////////////////////////////////////////////////" disabled=yes \
dst-port=6346-6349 protocol=tcp
add action=accept chain=forward comment="" connection-state=new disabled=no
add action=accept chain=input comment="ACEPTA CONEXIONES ESTABELECIDAS" \
connection-state=established disabled=no
add action=accept chain=forward comment="" connection-state=established \
disabled=no
add action=accept chain=input comment="ACEPTA CONEXIONES RELACIONADAS" \
connection-state=related disabled=no
add action=accept chain=forward comment="" connection-state=related disabled=\
no
add action=accept chain="P2P E PORTAS" comment=FTP disabled=no dst-port=21 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="OUTLOOK EXPRESS" disabled=no \
dst-port=110 protocol=tcp
add action=accept chain="P2P E PORTAS" comment=DNS disabled=no dst-port=53 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment=E-MAIL disabled=no dst-port=25 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="portas do ITR" disabled=no \
dst-port=5636 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=5636 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=5653 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=5653 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=3456 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="Autenticacion de MSN" \
disabled=no dst-port=1863 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=1080 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=1853 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment=skipe disabled=no dst-port=\
30369 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="PORTAS DO KAZAA" disabled=no \
dst-port=1214 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="PORTAS DO E-MULE" disabled=\
yes dst-port=4662 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=4662 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=\
6346-6348 protocol=udp
add action=accept chain="P2P E PORTAS" comment="PORTAS DO BITTORRENT" \
disabled=no dst-port=6881-6889 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=\
6881-6889 protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=1214 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="PORTAS RANDON DO BIT TORRENT" \
disabled=yes dst-port=57792 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=yes dst-port=57792 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="porta servidor CS" disabled=\
no dst-port=27015 protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27015 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27017 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27017 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27018 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27018 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27019 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27019 \
protocol=udp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27060 \
protocol=tcp
add action=accept chain="P2P E PORTAS" comment="" disabled=no dst-port=27060 \
protocol=udp
add action=drop chain="P2P E PORTAS" comment="BLOQUEA NETBIOS TCP" disabled=\
no dst-port=137-139 protocol=tcp src-port=137-139
add action=drop chain="P2P E PORTAS" comment="" disabled=no dst-port=445 \
protocol=tcp src-port=445
add action=drop chain="P2P E PORTAS" comment="BLOQUEA NETBIOS UDP" disabled=\
no dst-port=137-139 protocol=udp src-port=137-139
add action=drop chain="P2P E PORTAS" comment="" disabled=no dst-port=445 \
protocol=udp src-port=445
add action=accept chain="P2P E PORTAS" comment="ALL P2P" disabled=yes p2p=\
all-p2p
add action=drop chain=VIRUS comment="LISTA DE VIRUS///////////////////////////\
//////////////////////////////////////////////////////////////////////////\
////////////////////////////////////////////////////" disabled=no \
protocol=tcp src-port=445
add action=drop chain=VIRUS comment="" disabled=no dst-port=445 protocol=tcp
add action=drop chain=VIRUS comment="Drop Blaster Worm" disabled=no protocol=\
udp src-port=445
add action=drop chain=VIRUS comment="Drop Blaster Worm" disabled=no dst-port=\
445 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no protocol=tcp src-port=\
135-139
add action=drop chain=VIRUS comment="" disabled=no protocol=udp src-port=\
135-139
add action=drop chain=VIRUS comment="" disabled=no dst-port=135-139 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=135-139 protocol=\
udp
add action=drop chain=VIRUS comment=________ disabled=no dst-port=593 \
protocol=tcp
add action=drop chain=VIRUS comment=________ disabled=no dst-port=1024-1030 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop MyDoom" disabled=no dst-port=1080 \
protocol=tcp
add action=drop chain=VIRUS comment=________ disabled=no dst-port=1214 \
protocol=tcp
add action=drop chain=VIRUS comment="ndm requester" disabled=no dst-port=1363 \
protocol=tcp
add action=drop chain=VIRUS comment="ndm server" disabled=no dst-port=1364 \
protocol=tcp
add action=drop chain=VIRUS comment="screen cast" disabled=no dst-port=1368 \
protocol=tcp
add action=drop chain=VIRUS comment=hromgrafx disabled=no dst-port=1373 \
protocol=tcp
add action=drop chain=VIRUS comment=cichlid disabled=no dst-port=1377 \
protocol=tcp
add action=drop chain=VIRUS comment=Worm disabled=no dst-port=1433-1434 \
protocol=tcp
add action=drop chain=VIRUS comment="Bagle VIRUS" disabled=no dst-port=2745 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop Dumaru.Y" disabled=no dst-port=2283 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop Beagle" disabled=no dst-port=2535 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop Beagle.C-K" disabled=no dst-port=\
2745 protocol=tcp
add action=drop chain=VIRUS comment="Drop MyDoom" disabled=no dst-port=3127 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop Backdoor OptixPro" disabled=no \
dst-port=3410 protocol=tcp
add action=drop chain=VIRUS comment=Worm disabled=no dst-port=4444 protocol=\
tcp
add action=drop chain=VIRUS comment=Worm disabled=no dst-port=4444 protocol=\
udp
add action=drop chain=VIRUS comment="Drop Sasser" disabled=no dst-port=5554 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop Beagle.B" disabled=no dst-port=8866 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop Dabber.A-B" disabled=no dst-port=\
9898 protocol=tcp
add action=drop chain=VIRUS comment="Drop Dumaru.Y" disabled=no dst-port=\
10000 protocol=tcp
add action=drop chain=VIRUS comment="Drop MyDoom.B" disabled=no dst-port=\
10080 protocol=tcp
add action=drop chain=VIRUS comment="Drop NetBus" disabled=no dst-port=12345 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop Kuang2" disabled=no dst-port=17300 \
protocol=tcp
add action=drop chain=VIRUS comment="Drop SubSeven" disabled=no dst-port=\
27374 protocol=tcp
add action=drop chain=VIRUS comment="Drop PhatBot, Agobot, Gaobot" disabled=\
no dst-port=65506 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=513 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=513 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=525 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=525 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=568-569 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=568-569 protocol=\
udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1512 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1512 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=396 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=396 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1366 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1366 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1416 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1416 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=201-209 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=201-209 protocol=\
udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=545 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=545 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1381 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1381 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=3031 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=3031 protocol=udp
add action=drop chain=VIRUS comment="2000 cracks" disabled=no dst-port=6776 \
protocol=tcp
add action=drop chain=VIRUS comment="Acid Battery" disabled=no dst-port=32418 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=2000 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=52317 protocol=\
tcp
add action=drop chain=VIRUS comment="Acid Shivers" disabled=no dst-port=10520 \
protocol=tcp
add action=drop chain=VIRUS comment="Agent 31" disabled=no dst-port=31 \
protocol=tcp
add action=drop chain=VIRUS comment="Agent 40421" disabled=no dst-port=40421 \
protocol=tcp
add action=drop chain=VIRUS comment="Aim Spy" disabled=no dst-port=777 \
protocol=tcp
add action=drop chain=VIRUS comment=Ambush disabled=no dst-port=10666 \
protocol=tcp
add action=drop chain=VIRUS comment="AOL Trojan" disabled=no dst-port=30029 \
protocol=tcp
add action=drop chain=VIRUS comment="Attack FTP" disabled=no dst-port=666 \
protocol=tcp
add action=drop chain=VIRUS comment="Back Construction" disabled=no dst-port=\
5400-5401 protocol=tcp
add action=drop chain=VIRUS comment="Back Door Setup" disabled=no dst-port=\
5000-5001 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=7789 protocol=tcp
add action=drop chain=VIRUS comment="Back Orifice" disabled=no dst-port=\
31337-31338 protocol=tcp
add action=drop chain=VIRUS comment="Back Orifice 2000" disabled=no dst-port=\
54320-54321 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=8787 protocol=tcp
add action=drop chain=VIRUS comment="Back Orifice DLL" disabled=no dst-port=\
1349 protocol=udp
add action=drop chain=VIRUS comment=BackDoor disabled=no dst-port=1999 \
protocol=tcp
add action=drop chain=VIRUS comment=BackDoor-G disabled=no dst-port=1243 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=6776 protocol=tcp
add action=drop chain=VIRUS comment=BackDoor-QE disabled=no dst-port=10452 \
protocol=tcp
add action=drop chain=VIRUS comment=BackDoor-QO disabled=no dst-port=3332 \
protocol=tcp
add action=drop chain=VIRUS comment=BackDoor-QR disabled=no dst-port=\
12973-12975 protocol=tcp
add action=drop chain=VIRUS comment=BackFire disabled=no dst-port=31337 \
protocol=tcp
add action=drop chain=VIRUS comment="Baron Night" disabled=no dst-port=31337 \
protocol=tcp
add action=drop chain=VIRUS comment="Big Gluck (TN)" disabled=no dst-port=\
34324 protocol=tcp
add action=drop chain=VIRUS comment=BioNet disabled=no dst-port=12349 \
protocol=tcp
add action=drop chain=VIRUS comment=Bla disabled=no dst-port=1042 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=20331 protocol=\
tcp
add action=drop chain=VIRUS comment="Blade Runner" disabled=no dst-port=\
5400-5402 protocol=tcp
add action=drop chain=VIRUS comment="BO client" disabled=no dst-port=31337 \
protocol=tcp
add action=drop chain=VIRUS comment="BO Facil" disabled=no dst-port=5556-5557 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=31337 protocol=\
tcp
add action=drop chain=VIRUS comment="Bo Wack" disabled=no dst-port=31336 \
protocol=tcp
add action=drop chain=VIRUS comment=BoBo disabled=no dst-port=4321 protocol=\
tcp
add action=drop chain=VIRUS comment="BOWhack " disabled=no dst-port=31666 \
protocol=tcp
add action=drop chain=VIRUS comment="BrainSpy " disabled=no dst-port=10101 \
protocol=tcp
add action=drop chain=VIRUS comment=Bubbel disabled=no dst-port=5000 \
protocol=tcp
add action=drop chain=VIRUS comment=BugBear disabled=no dst-port=36794 \
protocol=tcp
add action=drop chain=VIRUS comment=Bugs disabled=no dst-port=2115 protocol=\
tcp
add action=drop chain=VIRUS comment=Bunker-Hill disabled=no dst-port=61348 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=61603 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=63485 protocol=\
tcp
add action=drop chain=VIRUS comment="Cain e Abel" disabled=no dst-port=666 \
protocol=tcp
add action=drop chain=VIRUS comment=Chargen disabled=no dst-port=9 protocol=\
udp
add action=drop chain=VIRUS comment=Chupacabra disabled=no dst-port=20203 \
protocol=tcp
add action=drop chain=VIRUS comment=Coma disabled=no dst-port=10607 protocol=\
tcp
add action=drop chain=VIRUS comment="Cyber Attacker" disabled=no dst-port=\
9876 protocol=tcp
add action=drop chain=VIRUS comment="Dark Shadow " disabled=no dst-port=911 \
protocol=tcp
add action=drop chain=VIRUS comment=Death disabled=no dst-port=2 protocol=tcp
add action=drop chain=VIRUS comment="Deep Back Orifice" disabled=no dst-port=\
31338 protocol=tcp
add action=drop chain=VIRUS comment="Deep Throat" disabled=no dst-port=41 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=2140 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=3150 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=6771 protocol=tcp
add action=drop chain=VIRUS comment="Deep Throat v2" disabled=no dst-port=\
6670 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=6711 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=60000 protocol=\
tcp
add action=drop chain=VIRUS comment="Deep Throat v3" disabled=no dst-port=\
6674 protocol=tcp
add action=drop chain=VIRUS comment=DeepBO disabled=no dst-port=31337 \
protocol=udp
add action=drop chain=VIRUS comment=DeepThroat disabled=no dst-port=999 \
protocol=tcp
add action=drop chain=VIRUS comment="Delta Source" disabled=no dst-port=26274 \
protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=47262 protocol=\
udp
add action=drop chain=VIRUS comment="Der Spacher 3" disabled=no dst-port=\
1000-1001 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=2000-2001 \
protocol=tcp
add action=drop chain=VIRUS comment=Devil disabled=no dst-port=65000 \
protocol=tcp
add action=drop chain=VIRUS comment="Digital RootBeer" disabled=no dst-port=\
2600 protocol=tcp
add action=drop chain=VIRUS comment="DMsetup " disabled=no dst-port=58-59 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1010-1012 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1015 protocol=tcp
add action=drop chain=VIRUS comment="Donald Dick" disabled=no dst-port=\
23476-23477 protocol=tcp
add action=drop chain=VIRUS comment=DRAT disabled=no dst-port=48 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=50 protocol=tcp
add action=drop chain=VIRUS comment="DUN Control" disabled=no dst-port=12623 \
protocol=udp
add action=drop chain=VIRUS comment=Eclipse disabled=no dst-port=2000 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=3459 protocol=tcp
add action=drop chain=VIRUS comment=Eclypse disabled=no dst-port=3801 \
protocol=udp
add action=drop chain=VIRUS comment="Evil FTP" disabled=no dst-port=23456 \
protocol=tcp
add action=drop chain=VIRUS comment="File Nail" disabled=no dst-port=4567 \
protocol=tcp
add action=drop chain=VIRUS comment=Firehotcker disabled=no dst-port=79 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=5321 protocol=tcp
add action=drop chain=VIRUS comment=Fore disabled=no dst-port=50766 protocol=\
tcp
add action=drop chain=VIRUS comment=FTP99cmp disabled=no dst-port=1492 \
protocol=tcp
add action=drop chain=VIRUS comment="Gaban Bus" disabled=no dst-port=\
12345-12346 protocol=tcp
add action=drop chain=VIRUS comment="Gate Crasher" disabled=no dst-port=\
6969-6970 protocol=tcp
add action=drop chain=VIRUS comment="GirlFriend " disabled=no dst-port=21554 \
protocol=tcp
add action=drop chain=VIRUS comment=Gjamer disabled=no dst-port=12076 \
protocol=tcp
add action=drop chain=VIRUS comment="Hack '99 KeyLogger" disabled=no \
dst-port=12223 protocol=tcp
add action=drop chain=VIRUS comment="Hack 'a' Tack" disabled=no dst-port=\
31780-31785 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=31787-31789 \
protocol=tcp
add action=drop chain=VIRUS comment="Hack 'a' Tack" disabled=no dst-port=\
31791-31792 protocol=udp
add action=drop chain=VIRUS comment="HackCity Ripper Pro" disabled=no \
dst-port=2023 protocol=tcp
add action=drop chain=VIRUS comment="Hackers Paradise " disabled=no dst-port=\
31 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=456 protocol=tcp
add action=drop chain=VIRUS comment=HackOffice disabled=no dst-port=8897 \
protocol=tcp
add action=drop chain=VIRUS comment="Happy 99" disabled=no dst-port=119 \
protocol=tcp
add action=drop chain=VIRUS comment="Hidden Port" disabled=no dst-port=99 \
protocol=tcp
add action=drop chain=VIRUS comment="Host Control " disabled=no dst-port=6669 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=11050 protocol=\
tcp
add action=drop chain=VIRUS comment="HVL Rat5" disabled=no dst-port=2283 \
protocol=tcp
add action=drop chain=VIRUS comment=icKiller disabled=no dst-port=7789 \
protocol=tcp
add action=drop chain=VIRUS comment=\
"ICQ (ICQ.com - community, people search and messaging service!)" \
disabled=no dst-port=1027-1029 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1032 protocol=tcp
add action=drop chain=VIRUS comment="ICQ Revenge" disabled=no dst-port=16772 \
protocol=tcp
add action=drop chain=VIRUS comment="ICQ Revenge" disabled=no dst-port=19864 \
protocol=tcp
add action=drop chain=VIRUS comment="ICQ Trojan" disabled=no dst-port=4590 \
protocol=tcp
add action=drop chain=VIRUS comment="Illusion Mailer" disabled=no dst-port=\
2155 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=5512 protocol=tcp
add action=drop chain=VIRUS comment=InCommand disabled=no dst-port=9400 \
protocol=tcp
add action=drop chain=VIRUS comment=Indoctrination disabled=no dst-port=6939 \
protocol=tcp
add action=drop chain=VIRUS comment=Infector disabled=no dst-port=146 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=146 protocol=udp
add action=drop chain=VIRUS comment=iNi-Killer disabled=no dst-port=555 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=9989 protocol=tcp
add action=drop chain=VIRUS comment="Insane Network" disabled=no dst-port=\
2000 protocol=tcp
add action=drop chain=VIRUS comment=IRC-3 disabled=no dst-port=6969 protocol=\
tcp
add action=drop chain=VIRUS comment=JammerKillah disabled=no dst-port=121 \
protocol=tcp
add action=drop chain=VIRUS comment=Kazimas disabled=no dst-port=113 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=7000 protocol=tcp
add action=drop chain=VIRUS comment="Kuang2 " disabled=no dst-port=17300 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=30999 protocol=\
tcp
add action=drop chain=VIRUS comment=Logged disabled=no dst-port=20203 \
protocol=tcp
add action=drop chain=VIRUS comment="Masters' Paradise" disabled=no dst-port=\
3129 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=40421-40423 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=40425-40426 \
protocol=tcp
add action=drop chain=VIRUS comment="Mavericks Matrix" disabled=no dst-port=\
1269 protocol=tcp
add action=drop chain=VIRUS comment=Millenium disabled=no dst-port=\
20000-20001 protocol=tcp
add action=drop chain=VIRUS comment=MiniCommand disabled=no dst-port=1050 \
protocol=tcp
add action=drop chain=VIRUS comment=Mosucker disabled=no dst-port=16484 \
protocol=tcp
add action=drop chain=VIRUS comment=Nephron disabled=no dst-port=17777 \
protocol=tcp
add action=drop chain=VIRUS comment="Net Controller" disabled=no dst-port=123 \
protocol=tcp
add action=drop chain=VIRUS comment="Netbios datagram (DoS Attack)" disabled=\
no dst-port=138 protocol=tcp
add action=drop chain=VIRUS comment="Netbios name (DoS Attack)" disabled=no \
dst-port=137 protocol=tcp
add action=drop chain=VIRUS comment="Netbios session (DoS Attack)" disabled=\
no dst-port=139 protocol=tcp
add action=drop chain=VIRUS comment="NetBus Pro" disabled=no dst-port=20034 \
protocol=tcp
add action=drop chain=VIRUS comment=NetMetropolitan disabled=no dst-port=5031 \
protocol=tcp
add action=drop chain=VIRUS comment=NetMonitor disabled=no dst-port=7300-7301 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=7306-7308 \
protocol=tcp
add action=drop chain=VIRUS comment=NetRaider disabled=no dst-port=57341 \
protocol=tcp
add action=drop chain=VIRUS comment=NETrojan disabled=no dst-port=1313 \
protocol=tcp
add action=drop chain=VIRUS comment=NetSphere disabled=no dst-port=\
30100-30103 protocol=tcp
add action=drop chain=VIRUS comment=NetSpy disabled=no dst-port=1024-1033 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=31338-31339 \
protocol=tcp
add action=drop chain=VIRUS comment=NoBackO disabled=no dst-port=1200-1201 \
protocol=udp
add action=drop chain=VIRUS comment="One of the Last Trojan (OOTLT)" \
disabled=no dst-port=5011 protocol=tcp
add action=drop chain=VIRUS comment="OpC BO" disabled=no dst-port=1969 \
protocol=tcp
add action=drop chain=VIRUS comment="PC Crasher" disabled=no dst-port=\
5637-5638 protocol=tcp
add action=drop chain=VIRUS comment="Phineas Phucker" disabled=no dst-port=\
2801 protocol=tcp
add action=drop chain=VIRUS comment="Portal of Doom" disabled=no dst-port=\
9872-9875 protocol=tcp
add action=drop chain=VIRUS comment="Portal of Doom" disabled=no dst-port=\
10067 protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=10167 protocol=\
udp
add action=drop chain=VIRUS comment=Priority disabled=no dst-port=16969 \
protocol=tcp
add action=drop chain=VIRUS comment=Progenic disabled=no dst-port=11223 \
protocol=tcp
add action=drop chain=VIRUS comment=Prosiak disabled=no dst-port=22222 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=33333 protocol=\
tcp
add action=drop chain=VIRUS comment="Psyber Stream Server" disabled=no \
dst-port=1170 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1509 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=4000 protocol=tcp
add action=drop chain=VIRUS comment=Rasmin disabled=no dst-port=531 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1045 protocol=tcp
add action=drop chain=VIRUS comment=RAT disabled=no dst-port=1095 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=1097-1099 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=2989 protocol=tcp
add action=drop chain=VIRUS comment=RC disabled=no dst-port=65535 protocol=\
tcp
add action=drop chain=VIRUS comment=Rcon disabled=no dst-port=8989 protocol=\
tcp
add action=drop chain=VIRUS comment="Remote Grab" disabled=no dst-port=7000 \
protocol=tcp
add action=drop chain=VIRUS comment="Remote Windows Shutdown" disabled=no \
dst-port=53001 protocol=tcp
add action=drop chain=VIRUS comment=Robo-Hack disabled=no dst-port=5596 \
protocol=tcp
add action=drop chain=VIRUS comment="Satanz backDoor" disabled=no dst-port=\
666 protocol=tcp
add action=drop chain=VIRUS comment=ScheduleAgent disabled=no dst-port=6667 \
protocol=tcp
add action=drop chain=VIRUS comment="School Bus" disabled=no dst-port=54321 \
protocol=tcp
add action=drop chain=VIRUS comment=Schwindler disabled=no dst-port=21554 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=50766 protocol=\
tcp
add action=drop chain=VIRUS comment="Secret Agent " disabled=no dst-port=\
11223 protocol=tcp
add action=drop chain=VIRUS comment="Secret Service" disabled=no dst-port=605 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=6272 protocol=tcp
add action=drop chain=VIRUS comment="Senna Spy FTP Server" disabled=yes \
dst-port=11000 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=13000 protocol=\
tcp
add action=drop chain=VIRUS comment=ServeMe disabled=no dst-port=5555 \
protocol=tcp
add action=drop chain=VIRUS comment="Shit Heep" disabled=no dst-port=6912 \
protocol=tcp
add action=drop chain=VIRUS comment=ShockRave disabled=no dst-port=1981 \
protocol=tcp
add action=drop chain=VIRUS comment=Sivka-Burka disabled=no dst-port=1600 \
protocol=tcp
add action=drop chain=VIRUS comment="SK Silencer" disabled=no dst-port=1001 \
protocol=tcp
add action=drop chain=VIRUS comment=Socket25 disabled=no dst-port=30303 \
protocol=tcp
add action=drop chain=VIRUS comment="Sockets de Troie" disabled=no dst-port=\
5000-5001 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=50505 protocol=\
tcp
add action=drop chain=VIRUS comment=SoftWAR disabled=no dst-port=1207 \
protocol=tcp
add action=drop chain=VIRUS comment="Spirit 2001a " disabled=no dst-port=\
33911 protocol=tcp
add action=drop chain=VIRUS comment=SpySender disabled=no dst-port=1807 \
protocol=tcp
add action=drop chain=VIRUS comment="Streaming Audio trojan" disabled=no \
dst-port=1170 protocol=tcp
add action=drop chain=VIRUS comment=Striker disabled=no dst-port=2565 \
protocol=tcp
add action=drop chain=VIRUS comment=SubSeven disabled=no dst-port=1243 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=2773 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=6711-6713 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=6776 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=7215 protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=27374 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=27573 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=54283 protocol=\
tcp
add action=drop chain=VIRUS comment="SubSeven Apocalypse" disabled=no \
dst-port=1243 protocol=tcp
add action=drop chain=VIRUS comment=Syphillis disabled=no dst-port=10086 \
protocol=tcp
add action=drop chain=VIRUS comment="TCP Wrappers" disabled=no dst-port=421 \
protocol=tcp
add action=drop chain=VIRUS comment=TeleCommando disabled=no dst-port=61466 \
protocol=tcp
add action=drop chain=VIRUS comment="The Invasor" disabled=no dst-port=2140 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=3150 protocol=tcp
add action=drop chain=VIRUS comment="The Prayer" disabled=no dst-port=2716 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=9999 protocol=tcp
add action=drop chain=VIRUS comment="The Spy" disabled=no dst-port=40412 \
protocol=tcp
add action=drop chain=VIRUS comment="The Thing" disabled=no dst-port=6000 \
protocol=tcp
add action=drop chain=VIRUS comment="The Thing" disabled=no dst-port=6400 \
protocol=tcp
add action=drop chain=VIRUS comment="The Traitor" disabled=no dst-port=65432 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=65432 protocol=\
udp
add action=drop chain=VIRUS comment="The Trojan Cow" disabled=no dst-port=\
2001 protocol=tcp
add action=drop chain=VIRUS comment="The Unexplained" disabled=no dst-port=\
29891 protocol=udp
add action=drop chain=VIRUS comment="Tiny Telnet Server" disabled=no \
dst-port=34324 protocol=tcp
add action=drop chain=VIRUS comment=TransScout disabled=no dst-port=1999-2005 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=9878 protocol=tcp
add action=drop chain=VIRUS comment=Trinoo disabled=no dst-port=34555 \
protocol=udp
add action=drop chain=VIRUS comment="" disabled=no dst-port=35555 protocol=\
udp
add action=drop chain=VIRUS comment="Ugly FTP" disabled=no dst-port=23456 \
protocol=tcp
add action=drop chain=VIRUS comment="Ultor's Trojan" disabled=no dst-port=\
1234 protocol=tcp
add action=drop chain=VIRUS comment=Vampire disabled=no dst-port=1020 \
protocol=tcp
add action=drop chain=VIRUS comment="Vampyre " disabled=no dst-port=6669 \
protocol=tcp
add action=drop chain=VIRUS comment="Virtual Hacking Machine " disabled=no \
dst-port=4242 protocol=tcp
add action=drop chain=VIRUS comment=Voice disabled=no dst-port=1170 protocol=\
tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=4000 protocol=tcp
add action=drop chain=VIRUS comment="Voodoo Doll" disabled=no dst-port=1245 \
protocol=tcp
add action=drop chain=VIRUS comment="Wack-a-mole " disabled=no dst-port=\
12361-12362 protocol=tcp
add action=drop chain=VIRUS comment="Web Ex" disabled=no dst-port=1001 \
protocol=tcp
add action=drop chain=VIRUS comment=WhackJob disabled=no dst-port=12631 \
protocol=tcp
add action=drop chain=VIRUS comment="" disabled=no dst-port=23456 protocol=\
tcp
add action=drop chain=VIRUS comment=WinHole disabled=no dst-port=1080-1082 \
protocol=tcp
add action=drop chain=VIRUS comment=Xplorer disabled=no dst-port=2300 \
protocol=tcp
add action=drop chain=VIRUS comment=Xtcp disabled=no dst-port=5550 protocol=\
tcp
add action=drop chain=VIRUS comment=YAT disabled=no dst-port=37651 protocol=\
tcp
add action=drop chain=BOGONS comment="BLOQUEIO DE IPS BOGONS//////////////////\
//////////////////////////////////////////////////////////////////////////\
/////////////////////////////////////////////////" disabled=no \
src-address=0.0.0.0/8
add action=drop chain=BOGONS comment="" disabled=no dst-address=0.0.0.0/8
add action=drop chain=BOGONS comment="" disabled=no src-address=127.0.0.0/8
add action=drop chain=BOGONS comment="" disabled=no dst-address=127.0.0.0/8
add action=drop chain=BOGONS comment="" disabled=no src-address=224.0.0.0/3
add action=drop chain=BOGONS comment="" disabled=no dst-address=224.0.0.0/3
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="Port scanners to list " \
disabled=no protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="NMAP FIN Stealth scan" \
disabled=no protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="SYN/FIN scan" disabled=no \
protocol=tcp tcp-flags=fin,syn
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="SYN/RST scan" disabled=no \
protocol=tcp tcp-flags=syn,rst
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="FIN/PSH/URG scan" disabled=\
no protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="ALL/ALL scan" disabled=no \
protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg
add action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w chain=input comment="NMAP NULL scan" disabled=no \
protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
add action=drop chain=input comment="dropping port scanners" disabled=no \
src-address-list="port scanners"
add action=drop chain=forward comment="BLOCK SPAMMERS OR INFECTED USERS" \
disabled=no dst-port=25 protocol=tcp src-address-list=spammer
add action=add-src-to-address-list address-list=spammer address-list-timeout=\
1d chain=forward comment="Detect and add-list SMTP virus or spammers" \
connection-limit=30,32 disabled=no dst-port=25 limit=50,5 protocol=tcp


lol!

jackfukuta
Iniciante
Iniciante

Mensagens : 75
Pontos : 127
Reputação : 6
Data de inscrição : 19/06/2011
Idade : 28
Localização Localização : Guaraci

Voltar ao Topo Ir em baixo

Re: Varias regras para nao pegar virus no mikrotik

Mensagem por vagalume123 em Qua 6 Jun - 10:14

testando..

vagalume123
Advance user
Advance user

Mensagens : 218
Pontos : 397
Reputação : 7
Data de inscrição : 25/06/2011
Idade : 38
Localização Localização : casa

Voltar ao Topo Ir em baixo

Re: Varias regras para nao pegar virus no mikrotik

Mensagem por cristiano.micros em Qua 6 Jun - 12:03

essas regras nao bloqueia virus nao existi milhoes de virus com sabe que bloquea mesmo
e explica para cada uma serve

__________________________________________________
A cópia é um dos métodos de aprendizado mas quem só copia não aprende study

Trevizam Network Consultoria

Parceiro BM Software | Consultoria e Revenda Thundercache PRO

visite nossa pagina [Você precisa estar registrado e conectado para ver este link.]

[Você precisa estar registrado e conectado para ver este link.]

[Você precisa estar registrado e conectado para ver este link.]

11 96380-8759 (VIVO) 11 98606-5675 (TIM)

cristiano.micros
Power User
Power User

Mensagens : 1185
Pontos : 1440
Reputação : 233
Data de inscrição : 27/11/2010
Idade : 27
Localização Localização : suzano

http://www.trevizamnetwork.com.br

Voltar ao Topo Ir em baixo

Re: Varias regras para nao pegar virus no mikrotik

Mensagem por vagalume123 em Qua 6 Jun - 16:10

coloquei aqui travou tudo...to tirando

vagalume123
Advance user
Advance user

Mensagens : 218
Pontos : 397
Reputação : 7
Data de inscrição : 25/06/2011
Idade : 38
Localização Localização : casa

Voltar ao Topo Ir em baixo

Re: Varias regras para nao pegar virus no mikrotik

Mensagem por diassis45 em Qua 6 Jun - 20:11

isso funciona mesmo?

diassis45
Advance user
Advance user

Mensagens : 267
Pontos : 381
Reputação : 36
Data de inscrição : 12/11/2011
Idade : 30
Localização Localização : Planaltina-DF

http://routeros.forumpramim.net

Voltar ao Topo Ir em baixo

Re: Varias regras para nao pegar virus no mikrotik

Mensagem por Conteúdo patrocinado Hoje à(s) 22:40


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum