Entrar
Últimos assuntos
» internet lentapor brooklin_sul Qui 11 Abr - 19:17
» Como pingar pelos dois links
por bruno9988 Ter 20 Fev - 19:12
» BFW em paralelo com Mikrotik
por antoniogiga Qui 18 Jan - 1:40
» NAT MIKROTIK
por squall1808 Seg 8 Jan - 18:07
» Aumenta Lucro do provedor com Servidor de FILME - Dica como montar um " Netflix"
por bruno9988 Ter 19 Dez - 17:59
» hotspot conexao lenta
por brooklin_sul Seg 18 Dez - 1:04
» Acessar Radio e roteadores pelo Mikrotik
por antoniogiga Ter 15 Nov - 16:49
» [Resolvido]Balanceamento usando o Net Virtua ( Netcombo)
por antoniogiga Ter 15 Nov - 8:02
» whatsapp lento
por antoniogiga Ter 15 Nov - 8:00
» to de volta qual quer duvida soh chamar
por antoniogiga Ter 15 Nov - 7:58
» Firmware ApRouter em Radio - Chipset rtl8186!
por antoniogiga Dom 17 Jul - 18:02
» QoS por mac-address (ou IP amarrado) quando tenho 01 mikrotik + 05 routers
por rdnetwork Sex 4 Fev - 7:58
» Microtik - OpenVPN não conecta com 2 links 2 internet balanceados
por vagneroliveira Qui 3 Fev - 6:44
» Software gerenciamento ZTE C320
por lancecom Qui 18 Mar - 11:27
» Software Gerenciamento ZTE C320
por lancecom Seg 15 Mar - 17:21
Tópicos semelhantes
Top dos mais postadores
claudinhohw Network | ||||
morais2707 | ||||
cristiano.micros | ||||
cdanielboy | ||||
Sixagencia Networks | ||||
ZBTECK | ||||
dsdigital | ||||
BBD NET | ||||
Gerônimo | ||||
Marcelo |
Estatísticas
Temos 31897 usuários registradosO último membro registrado é fhca78
Os nossos membros postaram um total de 38285 mensagens em 5803 assuntos
Drop Port Scanners
2 participantes
Página 1 de 1
Drop Port Scanners
Olá pessoal
Quero bloquear Port Scanner no Mikrotik, pesquisando achei as linhas abaixo:
/ip firewall filter
add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="Port scanners to list " disabled=no
add chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="NMAP FIN Stealth scan"
add chain=input protocol=tcp tcp-flags=fin,syn action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="SYN/FIN scan"
add chain=input protocol=tcp tcp-flags=syn,rst action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="SYN/RST scan"
add chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="FIN/PSH/URG scan"
add chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="ALL/ALL scan"
add chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="NMAP NULL scan"
add chain=input src-address-list="port scanners" action=drop comment="dropping port scanners" disabled=no
Testei e esta deixando passar.
Alguém tem uma regra que realmente barre qualquer tentativa por Ports Scanners ?
Quero bloquear Port Scanner no Mikrotik, pesquisando achei as linhas abaixo:
/ip firewall filter
add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="Port scanners to list " disabled=no
add chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="NMAP FIN Stealth scan"
add chain=input protocol=tcp tcp-flags=fin,syn action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="SYN/FIN scan"
add chain=input protocol=tcp tcp-flags=syn,rst action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="SYN/RST scan"
add chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="FIN/PSH/URG scan"
add chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="ALL/ALL scan"
add chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="NMAP NULL scan"
add chain=input src-address-list="port scanners" action=drop comment="dropping port scanners" disabled=no
Testei e esta deixando passar.
Alguém tem uma regra que realmente barre qualquer tentativa por Ports Scanners ?
ConectOS- Baby
- Mensagens : 18
Pontos : 30
Reputação : 2
Data de inscrição : 17/01/2014
Idade : 44
Localização : Brasil
Re: Drop Port Scanners
as minhas são:
/ip firewall filter
add chain=input src-address-list=”portscanners” action=drop comment="--------------- Bloqueia Scanner de Portas -------------" disabled=no
add chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list=”portscanners” address-list-timeout=2w
add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list=”portscanners” address-list-timeout=2w disabled=no
add chain=input protocol=tcp tcp-flags=fin,syn action=add-src-to-address-list address-list=”portscanners” address-list-timeout=2w
add chain=input protocol=tcp tcp-flags=syn,rst action=add-src-to-address-list address-list=”portscanners” address-list-timeout=2w
add chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack action=add-src-to-address-list address-list=”portscanners” address-list-timeout=2w
add chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg action=add-src-to-address-list address-list=”portscanners” address-list-timeout=2w
add chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list=”portscanners” address-list-timeout=2w
Funcina perfeita..
/ip firewall filter
add chain=input src-address-list=”portscanners” action=drop comment="--------------- Bloqueia Scanner de Portas -------------" disabled=no
add chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list=”portscanners” address-list-timeout=2w
add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list=”portscanners” address-list-timeout=2w disabled=no
add chain=input protocol=tcp tcp-flags=fin,syn action=add-src-to-address-list address-list=”portscanners” address-list-timeout=2w
add chain=input protocol=tcp tcp-flags=syn,rst action=add-src-to-address-list address-list=”portscanners” address-list-timeout=2w
add chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack action=add-src-to-address-list address-list=”portscanners” address-list-timeout=2w
add chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg action=add-src-to-address-list address-list=”portscanners” address-list-timeout=2w
add chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list=”portscanners” address-list-timeout=2w
Funcina perfeita..
adeiltonjr- Iniciante
- Mensagens : 37
Pontos : 48
Reputação : 3
Data de inscrição : 30/05/2012
Idade : 39
Localização : Crato - Ce
Tópicos semelhantes
» Liberação de portas Port Forwading / POrt Triggering
» Entendendo o drop do firewall filter
» LIBERAR PORTA DO GAME RANGER
» Entendendo o drop do firewall filter
» LIBERAR PORTA DO GAME RANGER
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos
|
|