BLOG BUDAK BUNGO

Pages

Connect With Us

Instructions

Recomended

blogbudakbungo. Powered by Blogger.

Labels

Las series mรกs vistas

Categories

Followers

Our Partners

Archive

Block Port Scanner di Mikrotik

di bagian filter:

Code:
/ip firewall filter
add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="Port scanners to list " disabled=no
Chain ini dipakai untuk mendaftar ip ke black-list address list
Chain selanjutnya untuk mendeteksi apakah ada indikasi aktifitas port scanner:

add chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg
action=add-src-to-address-list address-list="port scanners"
address-list-timeout=2w comment="NMAP FIN Stealth scan"

add chain=input protocol=tcp tcp-flags=fin,syn
action=add-src-to-address-list address-list="port scanners"
address-list-timeout=2w comment="SYN/FIN scan"

add chain=input protocol=tcp tcp-flags=syn,rst
action=add-src-to-address-list address-list="port scanners"
address-list-timeout=2w comment="SYN/RST scan"

add chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
action=add-src-to-address-list address-list="port scanners"
address-list-timeout=2w comment="FIN/PSH/URG scan"

add chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg
action=add-src-to-address-list address-list="port scanners"
address-list-timeout=2w comment="ALL/ALL scan"

add chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
action=add-src-to-address-list address-list="port scanners"
address-list-timeout=2w comment="NMAP NULL scan"

jika ada tanda tanda dari kejadian di atas, maka harus didrop scanning IPnya pakai perintah ini:

add chain=input src-address-list="port scanners" action=drop comment="dropping port scanners" disabled=no
Anda baru saja membaca artikel yang berkategori mikrotik dengan judul Block Port Scanner di Mikrotik. Anda bisa bookmark halaman ini dengan URL https://blogbudakbungo.blogspot.com/2013/03/block-port-scanner-di-mikrotik.html. Terima kasih......??? sampai jumpa di blog saya berikutnya......??
Ditulis oleh: blog budak bungo - Friday 8 March 2013
Comments
0 Comments

Belum ada komentar untuk "Block Port Scanner di Mikrotik"

Proudly powered by : Blogger
Copyright © 2013. Blog Budak Bungo - All Rights Reserved
Blog By : Vhen Part II
Template by blogbudakbungo.blogspot.com | Publish :budakbungo