HOT
Adri Blog
No Result
View All Result
Adri Blog
No Result
View All Result
Home Lainnya

Blokir Port di Mikrotik

adri by adri
May 2, 2013
in Lainnya
382 16
0
548
SHARES
2.5k
VIEWS
Share di FacebookShare di TwitterShare di Whatsapp

Ini Kode dapat dari IT Expert dari Padang Sumatera Barat, Namanya HARINTO, ST, Panggilan Senthod atau Karcuk (Ini Panggilan Kesayangan), Kode ini selain memblokir PORT penting di Mikrotik juga sebagai Penangkal Virus di Local Area Network anda. SIlahkan Copy Paste Code dibawah ini di Terminal Mikrotik anda.

[codesyntax lang=”html4strict”]

/ip firewall filter
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
add action=drop chain=forward comment="Block Bogus IP Address" disabled=no src-address=0.0.0.0/8
add action=drop chain=forward disabled=no dst-address=0.0.0.0/8
add action=drop chain=forward disabled=no src-address=127.0.0.0/8
add action=drop chain=forward disabled=no dst-address=127.0.0.0/8
add action=drop chain=forward disabled=no src-address=224.0.0.0/3
add action=drop chain=forward disabled=no dst-address=224.0.0.0/3
add action=drop chain=forward comment="Drop Traceroute" disabled=no icmp-options=11:0 protocol=icmp
add action=drop chain=forward comment="Drop Traceroute" disabled=no icmp-options=3:3 protocol=icmp
add action=drop chain=input comment="Drop SSH brute forcers" disabled=no dst-port=22 protocol=tcp src-address-list=
    ssh_blacklist
add action=add-src-to-address-list address-list=ssh_blacklist address-list-timeout=1w3d chain=input connection-state=new
    disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1m chain=input connection-state=new
    disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m chain=input connection-state=new
    disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m chain=input connection-state=new
    disabled=no dst-port=22 protocol=tcp
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input comment=
    "Port Scanners to list " disabled=no protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input disabled=no protocol=
    tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input disabled=no protocol=
    tcp tcp-flags=fin,syn
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input disabled=no protocol=
    tcp tcp-flags=syn,rst
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input disabled=no protocol=
    tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input disabled=no protocol=
    tcp tcp-flags=fin,syn,rst,psh,ack,urg
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input disabled=no protocol=
    tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
add action=drop chain=input disabled=no src-address-list="port scanners"
add action=drop chain=input comment="Filter FTP to Box" disabled=no dst-port=21 protocol=tcp src-address-list=
    ftp_blacklist
add action=accept chain=output content="530 Login incorrect" disabled=no dst-limit=1/1m,9,dst-address/1m protocol=tcp
add action=add-dst-to-address-list address-list=ftp_blacklist address-list-timeout=3h chain=output content=
    "530 Login incorrect" disabled=no protocol=tcp
add action=jump chain=forward comment="Separate Protocol into Chains" disabled=no jump-target=tcp protocol=tcp
add action=jump chain=forward disabled=no jump-target=udp protocol=udp
add action=jump chain=forward disabled=no jump-target=icmp protocol=icmp
add action=jump chain=input disabled=no jump-target=tcp protocol=tcp
add action=jump chain=input disabled=no jump-target=udp protocol=udp
add action=drop chain=udp comment="Blocking UDP Packet" disabled=no dst-port=69 protocol=udp
add action=drop chain=udp disabled=no dst-port=111 protocol=udp
add action=drop chain=udp disabled=no dst-port=135 protocol=udp
add action=drop chain=udp disabled=no dst-port=445 protocol=udp
add action=drop chain=udp disabled=no dst-port=135-139 protocol=udp
add action=drop chain=udp disabled=no dst-port=2049 protocol=udp
add action=drop chain=udp disabled=no dst-port=3133 protocol=udp
add action=drop chain=tcp comment="Bloking TCP Packet" disabled=no dst-port=25 protocol=tcp
add action=drop chain=tcp disabled=no dst-port=69 protocol=tcp
add action=drop chain=tcp disabled=no dst-port=111 protocol=tcp
add action=drop chain=tcp disabled=no dst-port=135-139 protocol=tcp
add action=drop chain=tcp disabled=no dst-port=135 protocol=tcp
add action=drop chain=tcp disabled=no dst-port=119 protocol=tcp
add action=add-src-to-address-list address-list=virus_conficker address-list-timeout=2m chain=tcp comment=
    "Tangkap Virus Conficker" disabled=no dst-port=445 protocol=tcp
add action=drop chain=tcp disabled=no dst-port=445 protocol=tcp
add action=drop chain=tcp disabled=no dst-port=445 protocol=udp
add action=drop chain=tcp disabled=no dst-port=2049 protocol=tcp
add action=drop chain=tcp disabled=no dst-port=12345-12346 protocol=tcp
add action=drop chain=tcp disabled=no dst-port=20034 protocol=tcp
add action=drop chain=tcp disabled=no dst-port=3133 protocol=tcp
add action=drop chain=tcp disabled=no dst-port=67-68 protocol=tcp
add action=accept chain=icmp comment="Limited Ping Flood" disabled=no icmp-options=0:0-255 limit=5,5 protocol=icmp
add action=accept chain=icmp disabled=no icmp-options=8:0-255 limit=5,5 protocol=icmp
add action=accept chain=icmp disabled=no icmp-options=3:3 limit=5,5 protocol=icmp
add action=accept chain=icmp disabled=no icmp-options=3:4 limit=5,5 protocol=icmp
add action=drop chain=icmp disabled=no protocol=icmp
add action=accept chain=input comment="Allow Broadcast Traffic" disabled=no dst-address-type=broadcast
add action=accept chain=input comment="Connection State" connection-state=established disabled=no
add action=accept chain=icmp disabled=no icmp-options=11:0-255 limit=5,5 protocol=icmp
add action=accept chain=input connection-state=related disabled=no
add action=accept chain=input disabled=no limit=50/5s,2 protocol=icmp
add action=drop chain=input connection-state=invalid disabled=no
add action=add-src-to-address-list address-list=virus_blaster address-list-timeout=2m chain=tcp comment=
    "Tangkap Virus Blaster" disabled=no dst-port=7000 protocol=tcp
add action=drop chain=tcp disabled=no dst-port=7000 protocol=tcp
add action=drop chain=tcp disabled=no dst-port=7000 protocol=udp
add action=drop chain=tcp comment="Blok Port POP3" disabled=no dst-port=1110 protocol=tcp
add action=drop chain=tcp disabled=no dst-port=1110 protocol=udp

[/codesyntax]

Baca Juga :   Pendukung 01Boikot Nasi Padang, Orang Minang : Lengkuas dikasih Bumbu Padang aja Loe demen
adri

adri

Perkenalkan, Saya Biasa di Sapa ADRI, Sehari2 Saya Berkuli di Komputer dengan Akses Internet 24 Jam Sehari Semalam (Tapi Tidak Selalu Online 24 Jam).

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Tulisan Populer

  • Design
  • Internet
  • Download
  • Lainnya
  • Linux
  • Review
  • Wordpress
Kode Imei Oppo R1001
Internet

Cara Mengembalikan Invalid IMEI Oppo R1001

4 years ago
2.7k
Download Kalender 2020
Design

Download Kalender 2020 Indonesia Lengkap Dengan Hari Libur Nasional

9 months ago
2.6k
Download

Mikrotik untuk MTCNA

4 years ago
2.5k
Lainnya

3 Cara Uninstal Netcut dari System Operasi Windows

1 year ago
2.5k
mengetik dengan suara
Internet

7 Cara Mudah Mengetik Dengan Suara Menggunakan Google Drive, Ngetik 10 Jari lewat Gan

2 weeks ago
2.6k

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

Follow Us

Recent News

mengetik dengan suara

7 Cara Mudah Mengetik Dengan Suara Menggunakan Google Drive, Ngetik 10 Jari lewat Gan

September 7, 2020
Xiaomi Redmi 9 Prime

Spesifikasi dan harga Xiaomi Redmi 9 Prime

September 5, 2020

Categories

  • Design
  • Download
  • Internet
  • Lainnya
  • Linux
  • Review
  • Wordpress
  • About
  • Contact
  • Disclaimer
  • Privacy Policy
  • SiteMap
  • TOS

© 2020 Personal Blog - adriyanto by AdriBlog.

No Result
View All Result
  • Home
  • Design
  • Internet
  • Download
  • Lainnya
  • Linux
  • Review
  • WordPress

© 2020 Personal Blog - adriyanto by AdriBlog.

Welcome Back!

OR

Login to your account below

Forgotten Password?

Create New Account!

OR

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In