Scriptnya:
/ip firewall filter
add action=add-src-to-address-list address-list=DDOS address-list-timeout=15s \ chain=input comment="" disabled=no dst-port=1337 protocol=tcp
add action=add-src-to-address-list address-list=DDOS address-list-timeout=15m \ chain=input comment="" disabled=no dst-port=7331 protocol=tcp src-address-list=knock
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w \ chain=input comment="Port scanners to list " disabled=no protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w \ chain=input comment="SYN/FIN scan" disabled=no protocol=tcp tcp-flags=fin,syn
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w \ chain=input comment="SYN/RST scan" disabled=no protocol=tcp tcp-flags=syn,rst
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w \ chain=input disabled=no tcp-flags=fin,psh,urg,!syn,!rst,!ack protocol=tcp \ comment="FIN/PSH/URG scan"
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w \ chain=input disabled=no protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg \
comment="ALL/ALL scan"
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w \ chain=input tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg comment="NMAP NULL scan" \ disabled=no protocol=tcp
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w \ chain=input comment="NMAP FIN Stealth scan" disabled=no protocol=tcp
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 \ protocol=tcp src-address=61.213.183.1-61.213.183.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 \ protocol=tcp src-address=67.195.134.1-67.195.134.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 \ protocol=tcp src-address=68.142.233.1-68.142.233.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 \ protocol=tcp src-address=68.180.217.1-68.180.217.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 \ protocol=tcp src-address=203.84.204.1-203.84.204.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 \ protocol=tcp src-address=69.63.176.1-69.63.176.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 \ protocol=tcp src-address=69.63.181.1-69.63.181.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 \ protocol=tcp src-address=63.245.209.1-63.245.209.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 \ protocol=tcp src-address=63.245.213.1-63.245.213.254
Featured Post
Pelanggan, adalah aset besar bagi setiap perusahaan. Sebuah perusahaan tidak akan mungkin mendapatkan penghasilan tanpa adanya pelanggan....
About Me
Entri Populer
-
Beberapa saat lalu saya dikagetkan dengan muncullnya log di mikrotik yang memberitahukan bahwa ada looping di jaringan saya. Kasus looping ... -
Sudah jadi lazimnya pada saat ini dimana frekwensi wireless sudah tumpang tindih, ditambah kurang bijaknya pemakaian kanal frekwensi terutam... -
NAT memberikan banyak manfaat dan keuntungan. Namun, ada beberapa drawbacks menggunakan NAT, termasuk kurangnya dukungan untuk beberapa jeni...
-
Tutup port ICMP melalu sysctl, cek dengan menjalankan perintah ini /sbin/sysctl -A|grep icmp net.ipv6.icmp.ratelimit = 1000 net....
-
1. GNOME (GNU Network Object Model Environment) Sebuah lingkungan desktop (desktop environment) grafis antarmuka yang berjalan di atas sis... -
Sedikit penjelasan tentang DDOS attack atau (Distributed Denial of Service (DDOS) Attacks). adalah jenis serangan terhadap sebuah komputer a...
-
Scriptnya: /ip firewall filter add action=add-src-to-address-list address-list=DDOS address-list-timeout=15s \ chain=input comment="&qu...
-
Persiapan Instalasi Cek dulu modul-modul berikut ini di ClearOS sudah terinstall dan sudah jalan (START) 1. Webserver 2. SQL Server Langkah-...
-
jaringan komputer menggunakan protokol tunneling ketika salah satu protokol jaringan (protokol pengiriman) merangkum muatan protokol yang be...
-
A. Pengertian Wi-Fi Wi-Fi=Wireless Fidelity, Wire= kabel, less=tanpa. Wi-Fi merupakan kependekan dari Wireless Fidelity, yang memiliki pen...
0 comments:
Post a Comment