Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Blok Virus Di Mikrotik

    Hochgeladen von

    Maulana Achmad Abi
    162 Ansichten12 Seiten

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Verfügbare Formate

    TXT, PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Als TXT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    162 Ansichten12 Seiten

    Blok Virus Di Mikrotik

    Hochgeladen von

    Maulana Achmad Abi

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Als TXT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 12

    blok virum worm admin@MiKroTik:$ /ip firewall filter add chain=virus protocol=tcp dst-port=1 action=drop comment="Breach.2001, Socket sDeTroie.

    230, SocketsDeTroie.250" add chain=virus protocol=tcp dst-port=25 action=drop comment="Aji, Antigen, Emai l Password Sender, Email Worms, Gip, Happy99/Ska, Haebu Coceda, Loveletter, Kuan g2, Magic Horse, Moscow Email Trojan, Neabi, ProMail trojan, NewApt, Shtrilitz, Stealth, Taripas, Terminator" disabled=yes add chain=virus protocol=tcp dst-port=28 action=drop comment="Amanda.200" add chain=virus protocol=tcp dst-port=31 action=drop comment="MastersParadise.92 0" add chain=virus protocol=tcp dst-port=68 action=drop comment="Subseven.100" add chain=virus protocol=tcp dst-port=135-139 action=drop comment="Blaster Worm" disabled=no add chain=virus protocol=tcp dst-port=142 action=drop comment="NetTaxi.180" add chain=virus protocol=tcp dst-port=146 action=drop comment="Infector.141, Int ruder.100, Intruder.100" add chain=virus protocol=tcp dst-port=171 action=drop comment="ATrojan.200" add chain=virus protocol=tcp dst-port=285-286 action=drop comment="WCTrojan.100" add chain=virus protocol=tcp dst-port=334 action=drop comment="Backage.310" add chain=virus protocol=tcp dst-port=370 action=drop comment="NeuroticKat.120, NeuroticKat.130" add chain=virus protocol=tcp dst-port=413 action=drop comment="Coma.109" add chain=virus protocol=tcp dst-port=420 action=drop comment="Breach.450" add chain=virus protocol=tcp dst-port=445 action=drop comment="Blaster Worm" dis abled=no add chain=virus protocol=tcp dst-port=555 action=drop comment="Id2001.100, Phase Zero.100, StealthSpy.100" add chain=virus protocol=tcp dst-port=593 action=drop comment="________" disable d=no add chain=virus protocol=tcp dst-port=623 action=drop comment="Rtb666.160" add chain=virus protocol=tcp dst-port=660 action=drop comment="Zaratustra.100" add chain=virus protocol=tcp dst-port=661 action=drop comment="Noknok.800, Nokno k.820" add chain=virus protocol=tcp dst-port=666 action=drop comment="BackConstruction. 210, BackConstruction.250, Bla.100, Bla.200, Bla.400, Bla.503, Cain.150, Dimbus. 100, Noknok.820, Ripper.100, SatansBackdoor.100, SatansBackdoor.101, SatansBackd oor.102, Unicorn.100, Unicorn.101, Unicorn.110" add chain=virus protocol=tcp dst-port=667 action=drop comment="SniperNet.210, Sn ipernet.220" add chain=virus protocol=tcp dst-port=668 action=drop comment="Unicorn.101, Unic orn.110" add chain=virus protocol=tcp dst-port=680 action=drop comment="Rtb666.160" add chain=virus protocol=tcp dst-port=777 action=drop comment="Tiny.100, Undetec ted.230, Undetected.300, Undetected.310, Undetected.320, Undetected.330, Undetec ted.331, Undetected.332" add chain=virus protocol=tcp dst-port=785 action=drop comment="NetworkTerrorist. 100" add chain=virus protocol=tcp dst-port=800 action=drop comment="NeuroticKitten.01 0" add chain=virus protocol=tcp dst-port=831 action=drop comment="NeuroticKat.100, NeuroticKat.120, NeuroticKat.130" add chain=virus protocol=tcp dst-port=901 action=drop comment="NetDevil.130, Net Devil.140" add chain=virus protocol=tcp dst-port=1000 action=drop comment="DerSpaeher.200" add chain=virus protocol=tcp dst-port=1001 action=drop comment="Silencer.100" add chain=virus protocol=tcp dst-port=1008 action=drop comment="AutoSpy.100" add chain=virus protocol=tcp dst-port=1010 action=drop comment="DerSpaeher.200" add chain=virus protocol=tcp dst-port=1015 action=drop comment="Doly.150" add chain=virus protocol=tcp dst-port=1111 action=drop comment="TPort.100"

    add chain=virus protocol=tcp dst-port=1024-1029 action=drop comment="________" d isabled=no add chain=virus protocol=tcp dst-port=1080 action=drop comment="MyDoom" disabled =no add chain=virus protocol=tcp dst-port=1130 action=drop comment="Noknok.800, Nokn ok.820" add chain=virus protocol=tcp dst-port=1207 action=drop comment="SoftWAR.100" add chain=virus protocol=tcp dst-port=1214 action=drop comment="________" disabl ed=no add chain=virus protocol=tcp dst-port=1243 action=drop comment="Subseven.100, Su bSeven.110, SubSeven.180, SubSeven.190, Subseven.200" add chain=virus protocol=tcp dst-port=1245 action=drop comment="VoodooDoll.006" add chain=virus protocol=tcp dst-port=1269 action=drop comment="Matrix.130" add chain=virus protocol=tcp dst-port=1433-1434 action=drop comment="Worm" disab led=no add chain=virus protocol=tcp dst-port=1363 action=drop comment="ndm requester" d isabled=no add chain=virus protocol=tcp dst-port=1364 action=drop comment="ndm server" disa bled=no add chain=virus protocol=tcp dst-port=1368 action=drop comment="screen cast" dis abled=no add chain=virus protocol=tcp dst-port=1373 action=drop comment="hromgrafx" disab led=no add chain=virus protocol=tcp dst-port=1377 action=drop comment="cichlid" disable d=no add chain=virus protocol=tcp dst-port=1480 action=drop comment="RemoteHack.130" add chain=virus protocol=tcp dst-port=1568 action=drop comment="RemoteHack.100, RemoteHack.110" add chain=virus protocol=tcp dst-port=1600-1602 action=drop comment="DirectConne ction.100" add chain=virus protocol=tcp dst-port=1634 action=drop comment="NetCrack.100" add chain=virus protocol=tcp dst-port=1784 action=drop comment="Snid.120, Snid.2 12" add chain=virus protocol=tcp dst-port=1999 action=drop comment="TransmissionScou t.100, TransmissionScout.110" add chain=virus protocol=tcp dst-port=2000 action=drop comment="ATrojan.200, Ins aneNetwork.400" add chain=virus protocol=tcp dst-port=2001 action=drop comment="DIRT.220, Trojan Cow.100" add chain=virus protocol=tcp dst-port=2003 action=drop comment="TransmissionScou t.100, TransmissionScout.110" add chain=virus protocol=tcp dst-port=2023 action=drop comment="RipperPro.100" add chain=virus protocol=tcp dst-port=2040 action=drop comment="InfernoUploader. 100" add chain=virus protocol=tcp dst-port=2115 action=drop comment="Bugs.100" add chain=virus protocol=tcp dst-port=2140 action=drop comment="DeepThroat.100, DeepThroat.200, DeepThroat.310" add chain=virus protocol=tcp dst-port=2283 action=drop comment="Dumaru.Y" disabl ed=no add chain=virus protocol=tcp dst-port=2332 action=drop comment="SilentSpy.202" add chain=virus protocol=tcp dst-port=2535 action=drop comment="Beagle" disabled =no add chain=virus protocol=tcp dst-port=2589 action=drop comment="Dagger.140" add chain=virus protocol=tcp dst-port=2600 action=drop comment="DigitalRootbeer. 100" add chain=virus protocol=tcp dst-port=2745 action=drop comment="Bagle Virus" dis abled=no add chain=virus protocol=tcp dst-port=2745 action=drop comment="Beagle.C-K" disa bled=no add chain=virus protocol=tcp dst-port=2989 action=drop comment="Rat.200"

    add chain=virus protocol=tcp dst-port=3127 action=drop comment="MyDoom" disabled =no add chain=virus protocol=tcp dst-port=3128 action=drop comment="MastersParadise. 970" add chain=virus protocol=tcp dst-port=3129 action=drop comment="MastersParadise. 920, MastersParadise.970" add chain=virus protocol=tcp dst-port=3150 action=drop comment="DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110" add chain=virus protocol=tcp dst-port=3215 action=drop comment="BlackStar.100, G host.230" add chain=virus protocol=tcp dst-port=3333 action=drop comment="Daodan.123" add chain=virus protocol=tcp dst-port=3410 action=drop comment="Backdoor optixPr o" disabled=no add chain=virus protocol=tcp dst-port=3410 action=drop comment="OptixPro.100, Op tixPro.110" add chain=virus protocol=tcp dst-port=3456 action=drop comment="Force.155, Terro rTrojan.100" add chain=virus protocol=tcp dst-port=3505 action=drop comment="AutoSpy.130, Aut oSpy.140" add chain=virus protocol=tcp dst-port=3586 action=drop comment="Snid.120, Snid.2 12" add chain=virus protocol=tcp dst-port=3700 action=drop comment="PortalOfDoom.100 " add chain=virus protocol=tcp dst-port=3723 action=drop comment="Mantis.100" add chain=virus protocol=tcp dst-port=3800 action=drop comment="Eclypse.100" add chain=virus protocol=tcp dst-port=3996 action=drop comment="RemoteAnything.3 64" add chain=virus protocol=tcp dst-port=4000 action=drop comment="SkyDance.220, Sk yDance.229" add chain=virus protocol=tcp dst-port=4201 action=drop comment="Wartrojan.160, W artrojan.200" add chain=virus protocol=tcp dst-port=4225 action=drop comment="SilentSpy.202" add chain=virus protocol=tcp dst-port=4321 action=drop comment="Bobo.100" add chain=virus protocol=tcp dst-port=4444 action=drop comment="Worm" disabled=n o add chain=virus protocol=tcp dst-port=4444 action=drop comment="AlexTrojan.200, Crackdown.100" add chain=virus protocol=tcp dst-port=4488 action=drop comment="EventHorizon.100 " add chain=virus protocol=tcp dst-port=4523 action=drop comment="Celine.100" add chain=virus protocol=tcp dst-port=4545 action=drop comment="InternalRevise.1 00, RemoteRevise.150" add chain=virus protocol=tcp dst-port=4567 action=drop comment="FileNail.100" add chain=virus protocol=tcp dst-port=4666 action=drop comment="Mneah.100" add chain=virus protocol=tcp dst-port=4691 action=drop comment="Confiker" add chain=virus protocol=tcp dst-port=4950 action=drop comment="ICQTrojan.100" add chain=virus protocol=tcp dst-port=5005 action=drop comment="Aladino.060" add chain=virus protocol=tcp dst-port=5025 action=drop comment="Keylogger.WMRemo te.100" add chain=virus protocol=tcp dst-port=5031 action=drop comment="NetMetro.104" add chain=virus protocol=tcp dst-port=5032 action=drop comment="NetMetro.104" add chain=virus protocol=tcp dst-port=5033 action=drop comment="NetMetro.104" add chain=virus protocol=tcp dst-port=5050 action=drop comment="RoxRat.100" add chain=virus protocol=tcp dst-port=5151 action=drop comment="OptixLite.020, O ptixLite.030, OptixLite.040" add chain=virus protocol=tcp dst-port=5190 action=drop comment="MBomber.100" add chain=virus protocol=tcp dst-port=5277 action=drop comment="WinShell.400" add chain=virus protocol=tcp dst-port=5343 action=drop comment="WCRat.100" add chain=virus protocol=tcp dst-port=5400 action=drop comment="BackConstruction .120, BackConstruction.150, BladeRunner.080, DeepThroat.300"

    add chain=virus protocol=tcp dst-port=5401 action=drop comment="BackConstruction .120, BackConstruction.150, BackConstruction.210, BackConstruction.250, BladeRun ner.080, DeepThroat.300, Mneah.100" add chain=virus protocol=tcp dst-port=5402 action=drop comment="BackConstruction .210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100" add chain=virus protocol=tcp dst-port=5534 action=drop comment="TheFlu.100" add chain=virus protocol=tcp dst-port=5550 action=drop comment="XTCP.200, XTCP.2 01" add chain=virus protocol=tcp dst-port=5554 action=drop comment="Sasser" disabled =no add chain=virus protocol=tcp dst-port=5555 action=drop comment="Noxcape.100, Nox cape.200" add chain=virus protocol=tcp dst-port=5695 action=drop comment="Assassin.100" add chain=virus protocol=tcp dst-port=5714 action=drop comment="WinCrash.100" add chain=virus protocol=tcp dst-port=5741 action=drop comment="WinCrash.100" add chain=virus protocol=tcp dst-port=5742 action=drop comment="WinCrash.103" add chain=virus protocol=tcp dst-port=5802 action=drop comment="Y3KRat.160" add chain=virus protocol=tcp dst-port=5810 action=drop comment="Y3KRat.160" add chain=virus protocol=tcp dst-port=5838 action=drop comment="Y3KRat.170" add chain=virus protocol=tcp dst-port=5858 action=drop comment="Y3KRat.110, Y3KR at.120, Y3KRat.140" add chain=virus protocol=tcp dst-port=5880 action=drop comment="Y3KRat.140" add chain=virus protocol=tcp dst-port=5881 action=drop comment="Y3KRat.110, Y3KR at.120, Y3KRat.140" add chain=virus protocol=tcp dst-port=5882 action=drop comment="Y3KRat.100, Y3KR at.110, Y3KRat.120, Y3KRat.140, Y3KRat.150" add chain=virus protocol=tcp dst-port=5883 action=drop comment="Y3KRat.110, Y3KR at.140" add chain=virus protocol=tcp dst-port=5884 action=drop comment="Y3KRat.140, Y3KR at.150" add chain=virus protocol=tcp dst-port=5885 action=drop comment="Y3KRat.110, Y3KR at.120, Y3KRat.140" add chain=virus protocol=tcp dst-port=5886 action=drop comment="Y3KRat.120, Y3KR at.140" add chain=virus protocol=tcp dst-port=5887 action=drop comment="Y3KRat.110, Y3KR at.120, Y3KRat.140" add chain=virus protocol=tcp dst-port=5888 action=drop comment="Y3KRat.100, Y3KR at.110, Y3KRat.120, Y3KRat.140, Y3KRat.150" add chain=virus protocol=tcp dst-port=5889 action=drop comment="Y3KRat.100, Y3KR at.110, Y3KRat.120, Y3KRat.140, Y3KRat.150" add chain=virus protocol=tcp dst-port=5890 action=drop comment="Y3KRat.140" add chain=virus protocol=tcp dst-port=5933 action=drop comment="Confiker" add chain=virus protocol=tcp dst-port=6400 action=drop comment="Thething.100, Th ething.150" add chain=virus protocol=tcp dst-port=6556 action=drop comment="AutoSpy.120, Aut oSpy.122" add chain=virus protocol=tcp dst-port=6655 action=drop comment="Aqua.020" add chain=virus protocol=tcp dst-port=6660 action=drop comment="LameSpy.095" add chain=virus protocol=tcp dst-port=6666 action=drop comment="LameRemote.100, ProjectMayhem.100" add chain=virus protocol=tcp dst-port=6669 action=drop comment="Vampire.100" add chain=virus protocol=tcp dst-port=6670 action=drop comment="DeepThroat.200, DeepThroat.210" add chain=virus protocol=tcp dst-port=6671 action=drop comment="DeepThroat.310" add chain=virus protocol=tcp dst-port=6699 action=drop comment="HostControl.101" add chain=virus protocol=tcp dst-port=6711 action=drop comment="DeepThroat.300, Noknok.820, SubSeven.180, SubSeven.190" add chain=virus protocol=tcp dst-port=6712 action=drop comment="Subseven.100" add chain=virus protocol=tcp dst-port=6713 action=drop comment="Subseven.100" add chain=virus protocol=tcp dst-port=6767 action=drop comment="NTRC.120"

    add chain=virus protocol=tcp dst-port=6776 action=drop comment="SubSeven.180, Su bSeven.190, Subseven.200" add chain=virus protocol=tcp dst-port=6789 action=drop comment="Doly.200" add chain=virus protocol=tcp dst-port=6796 action=drop comment="SubSeven.214" add chain=virus protocol=tcp dst-port=6912 action=drop comment="ShitHeep.100" add chain=virus protocol=tcp dst-port=6939 action=drop comment="Indoctrination.1 00" add chain=virus protocol=tcp dst-port=6953 action=drop comment="Lithium.100" add chain=virus protocol=tcp dst-port=6969 action=drop comment="2000Cracks.100, Bigorna.100, Danton.110, Danton.210, Danton.220, Danton.310, Danton.320, Danton. 330, GateCrasher.110, NetController.108, Sparta.110, VagrNocker.120" add chain=virus protocol=tcp dst-port=6970 action=drop comment="Danton.330" add chain=virus protocol=tcp dst-port=7001 action=drop comment="Freak88.100" add chain=virus protocol=tcp dst-port=7119 action=drop comment="Massaker.100" add chain=virus protocol=tcp dst-port=7200 action=drop comment="Massaker.110" add chain=virus protocol=tcp dst-port=7300 action=drop comment="Coced.221" add chain=virus protocol=tcp dst-port=7301 action=drop comment="Coced.221" add chain=virus protocol=tcp dst-port=7306 action=drop comment="NetSpy.200, NetS py.200" add chain=virus protocol=tcp dst-port=7410 action=drop comment="Phoenix.190, Pho enix.200" add chain=virus protocol=tcp dst-port=7511 action=drop comment="Genue.100" add chain=virus protocol=tcp dst-port=7609 action=drop comment="Snid.120, Snid.2 12" add chain=virus protocol=tcp dst-port=7614 action=drop comment="Wollf.130" add chain=virus protocol=tcp dst-port=7648 action=drop comment="BlackStar.100, G host.230" add chain=virus protocol=tcp dst-port=7788 action=drop comment="Last.2000, Matri x.200" add chain=virus protocol=tcp dst-port=7826 action=drop comment="MiniOblivion.010 , Oblivion.010" add chain=virus protocol=tcp dst-port=7887 action=drop comment="SmallFun.110" add chain=virus protocol=tcp dst-port=7891 action=drop comment="Revenger.100" add chain=virus protocol=tcp dst-port=7979 action=drop comment="VagrNocker.200" add chain=virus protocol=tcp dst-port=7997 action=drop comment="VagrNocker.200" add chain=virus protocol=tcp dst-port=8000 action=drop comment="XConsole.100" add chain=virus protocol=tcp dst-port=8011 action=drop comment="Way.240" add chain=virus protocol=tcp dst-port=8012 action=drop comment="Ptakks.215, Ptak ks.217" add chain=virus protocol=tcp dst-port=8110 action=drop comment="LoseLove.100" add chain=virus protocol=tcp dst-port=8111 action=drop comment="LoseLove.100" add chain=virus protocol=tcp dst-port=8301 action=drop comment="LoseLove.100" add chain=virus protocol=tcp dst-port=8302 action=drop comment="LoseLove.100" add chain=virus protocol=tcp dst-port=8372 action=drop comment="NetBoy.100" add chain=virus protocol=tcp dst-port=8720 action=drop comment="Connection.130" add chain=virus protocol=tcp dst-port=8734 action=drop comment="AutoSpy.110" add chain=virus protocol=tcp dst-port=8811 action=drop comment="Force.155" add chain=virus protocol=tcp dst-port=8866 action=drop comment="Beagle.B" disabl ed=no add chain=virus protocol=tcp dst-port=8899 action=drop comment="Last.2000" add chain=virus protocol=tcp dst-port=9000 action=drop comment="Aristotles.100" add chain=virus protocol=tcp dst-port=9301 action=drop comment="LoseLove.100" add chain=virus protocol=tcp dst-port=9400 action=drop comment="InCommand.100, I nCommand.110, InCommand.120, InCommand.130, InCommand.140, InCommand.150, InComm and.153, InCommand.160, InCommand.167, InCommand.170" add chain=virus protocol=tcp dst-port=9401 action=drop comment="InCommand.100, I nCommand.110, InCommand.170" add chain=virus protocol=tcp dst-port=9402 action=drop comment="InCommand.100, I nCommand.110" add chain=virus protocol=tcp dst-port=9561 action=drop comment="CRatPro.110"

    add chain=virus protocol=tcp dst-port=9563 action=drop comment="CRatPro.110" add chain=virus protocol=tcp dst-port=9580 action=drop comment="TheefLE.100" add chain=virus protocol=tcp dst-port=9696 action=drop comment="Danton.210, Ghos t.230" add chain=virus protocol=tcp dst-port=9697 action=drop comment="Danton.320, Dant on.330, Ghost.230" add chain=virus protocol=tcp dst-port=9870 action=drop comment="R3C.100" add chain=virus protocol=tcp dst-port=9872 action=drop comment="PortalOfDoom.100 " add chain=virus protocol=tcp dst-port=9873 action=drop comment="PortalOfDoom.100 " add chain=virus protocol=tcp dst-port=9874 action=drop comment="PortalOfDoom.100 " add chain=virus protocol=tcp dst-port=9875 action=drop comment="PortalOfDoom.100 " add chain=virus protocol=tcp dst-port=9876 action=drop comment="Rux.100, SheepGo at.100" add chain=virus protocol=tcp dst-port=9877 action=drop comment="SmallBigBrother. 020" add chain=virus protocol=tcp dst-port=9878 action=drop comment="SmallBigBrother. 020, TransmissionScout.100, TransmissionScout.110, TransmissionScout.120" add chain=virus protocol=tcp dst-port=9879 action=drop comment="SmallBigBrother. 020" add chain=virus protocol=tcp dst-port=9898 action=drop comment="Dabber.A-B" disa bled=no add chain=virus protocol=tcp dst-port=9999 action=drop comment="ForcedEntry.100, Infra.100, Prayer.120, Prayer.130, TakeOver.200, TakeOver.300" add chain=virus protocol=tcp dst-port=10000 action=drop comment="Dumaru.Y, sebai knya di didisable karena juga sering digunakan utk vpn atau webmin" disabled=yes add chain=virus protocol=tcp dst-port=10001 action=drop comment="DTr.130, DTr.14 0" add chain=virus protocol=tcp dst-port=10013 action=drop comment="Amanda.200" add chain=virus protocol=tcp dst-port=10067 action=drop comment="PortalOfDoom.10 0" add chain=virus protocol=tcp dst-port=10080 action=drop comment="MyDoom.B" disab led=no add chain=virus protocol=tcp dst-port=10100 action=drop comment="Gift.240" add chain=virus protocol=tcp dst-port=10101 action=drop comment="NewSilencer.100 " add chain=virus protocol=tcp dst-port=10167 action=drop comment="PortalOfDoom.10 0" add chain=virus protocol=tcp dst-port=10528 action=drop comment="HostControl.100 , HostControl.260" add chain=virus protocol=tcp dst-port=10607 action=drop comment="Coma.109" add chain=virus protocol=tcp dst-port=10666 action=drop comment="Ambush.100" add chain=virus protocol=tcp dst-port=11011 action=drop comment="Amanda.200" add chain=virus protocol=tcp dst-port=11050 action=drop comment="HostControl.101 " add chain=virus protocol=tcp dst-port=11051 action=drop comment="HostControl.100 , HostControl.260" add chain=virus protocol=tcp dst-port=11223 action=drop comment="AntiNuke.100, P rogenic.100, Progenic.110" add chain=virus protocol=tcp dst-port=11225 action=drop comment="Cyn.100, Cyn.10 3, Cyn.120" add chain=virus protocol=tcp dst-port=11306 action=drop comment="Noknok.800, Nok nok.820" add chain=virus protocol=tcp dst-port=11831 action=drop comment="Katux.200, Lati nus.140, Latinus.150, Pest.100, Pest.400" add chain=virus protocol=tcp dst-port=11991 action=drop comment="PitfallSurprise .100"

    add chain=virus protocol=tcp dst-port=12043 action=drop comment="Frenzy.2000" add chain=virus protocol=tcp dst-port=12345 action=drop comment="NetBus" disable d=no add chain=virus protocol=tcp dst-port=12345 action=drop comment="Fade.100, Netbu s.160, Netbus.170, VagrNocker.400" add chain=virus protocol=tcp dst-port=12346 action=drop comment="Netbus.160, Net bus.170" add chain=virus protocol=tcp dst-port=12348 action=drop comment="Bionet.210, Bio net.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.316, Bionet.317" add chain=virus protocol=tcp dst-port=12349 action=drop comment="Bionet.084, Bio net.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.314, Bionet.316, Bionet.317, Bionet.401, Bionet.402" add chain=virus protocol=tcp dst-port=12389 action=drop comment="KheSanh.210" add chain=virus protocol=tcp dst-port=12478 action=drop comment="Bionet.210" add chain=virus protocol=tcp dst-port=12623 action=drop comment="Buttman.090, Bu ttman.100" add chain=virus protocol=tcp dst-port=12624 action=drop comment="Buttman.090, Bu ttman.100" add chain=virus protocol=tcp dst-port=12625 action=drop comment="Buttman.100" add chain=virus protocol=tcp dst-port=12904 action=drop comment="Akropolis.100, Rocks.100" add chain=virus protocol=tcp dst-port=13473 action=drop comment="Chupacabra.100" add chain=virus protocol=tcp dst-port=13753 action=drop comment="AFTP.010" add chain=virus protocol=tcp dst-port=14100 action=drop comment="Eurosol.100" add chain=virus protocol=tcp dst-port=14194 action=drop comment="CyberSpy.840" add chain=virus protocol=tcp dst-port=14286 action=drop comment="HellDriver.100" add chain=virus protocol=tcp dst-port=14500 action=drop comment="PCInvader.050, PCInvader.060, PCInvader.070" add chain=virus protocol=tcp dst-port=14501 action=drop comment="PCInvader.060, PCInvader.070" add chain=virus protocol=tcp dst-port=14502 action=drop comment="PCInvader.050, PCInvader.060, PCInvader.070" add chain=virus protocol=tcp dst-port=14503 action=drop comment="PCInvader.050, PCInvader.060, PCInvader.070" add chain=virus protocol=tcp dst-port=14504 action=drop comment="PCInvader.050, PCInvader.060" add chain=virus protocol=tcp dst-port=15092 action=drop comment="HostControl.100 , HostControl.260" add chain=virus protocol=tcp dst-port=15382 action=drop comment="SubZero.100" add chain=virus protocol=tcp dst-port=15432 action=drop comment="Cyn.210" add chain=virus protocol=tcp dst-port=15555 action=drop comment="ICMIBC.100" add chain=virus protocol=tcp dst-port=16322 action=drop comment="LastDoor.100" add chain=virus protocol=tcp dst-port=16484 action=drop comment="MoSucker.110" add chain=virus protocol=tcp dst-port=16661 action=drop comment="Dfch.010" add chain=virus protocol=tcp dst-port=16969 action=drop comment="Progenic.100" add chain=virus protocol=tcp dst-port=16982 action=drop comment="AcidShiver.100" add chain=virus protocol=tcp dst-port=17300 action=drop comment="Kuang2" disable d=no add chain=virus protocol=tcp dst-port=17300 action=drop comment="Kuang.200" add chain=virus protocol=tcp dst-port=17499 action=drop comment="CrazzyNet.370, CrazzyNet.375, CrazzyNet.521" add chain=virus protocol=tcp dst-port=17500 action=drop comment="CrazzyNet.370, CrazzyNet.375, CrazzyNet.521" add chain=virus protocol=tcp dst-port=17569 action=drop comment="Infector.141, I nfector.160, Infector.170, Infector.180, Infector.190, Infector.200, Intruder.10 0, Intruder.100" add chain=virus protocol=tcp dst-port=17593 action=drop comment="AudioDoor.120" add chain=virus protocol=tcp dst-port=19191 action=drop comment="BlueFire.035, B lueFire.041"

    add chain=virus protocol=tcp dst-port=19604 action=drop comment="Metal.270" add chain=virus protocol=tcp dst-port=19605 action=drop comment="Metal.270" add chain=virus protocol=tcp dst-port=19991 action=drop comment="Dfch.010" add chain=virus protocol=tcp dst-port=20000 action=drop comment="Millenium.100" add chain=virus protocol=tcp dst-port=20001 action=drop comment="Millenium.100, PshychoFiles.180" add chain=virus protocol=tcp dst-port=20002 action=drop comment="AcidKor.100, Ps hychoFiles.180" add chain=virus protocol=tcp dst-port=20005 action=drop comment="MoSucker.200, M oSucker.210, MoSucker.220" add chain=virus protocol=tcp dst-port=21212 action=drop comment="Schwindler.182" add chain=virus protocol=tcp dst-port=21554 action=drop comment="Exploiter.100, Exploiter.110, Girlfriend.130, GirlFriend.135" add chain=virus protocol=tcp dst-port=21579 action=drop comment="Breach.2001" add chain=virus protocol=tcp dst-port=21584 action=drop comment="Breach.2001" add chain=virus protocol=tcp dst-port=21684 action=drop comment="Intruse.134" add chain=virus protocol=tcp dst-port=22068 action=drop comment="AcidShiver.110" add chain=virus protocol=tcp dst-port=22115 action=drop comment="Cyn.120" add chain=virus protocol=tcp dst-port=22222 action=drop comment="Prosiak.047, Ru ler.141, Rux.300, Rux.400, Rux.500, Rux.600" add chain=virus protocol=tcp dst-port=22223 action=drop comment="Rux.400, Rux.50 0, Rux.600" add chain=virus protocol=tcp dst-port=22456 action=drop comment="Bla.200, Bla.50 3" add chain=virus protocol=tcp dst-port=22457 action=drop comment="AcidShiver.120, Bla.200, Bla.503" add chain=virus protocol=tcp dst-port=22784 action=drop comment="Intruzzo.110" add chain=virus protocol=tcp dst-port=22845 action=drop comment="Breach.450" add chain=virus protocol=tcp dst-port=22847 action=drop comment="Breach.450" add chain=virus protocol=tcp dst-port=23005 action=drop comment="Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100" add chain=virus protocol=tcp dst-port=23006 action=drop comment="Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100" add chain=virus protocol=tcp dst-port=23032 action=drop comment="Amanda.200" add chain=virus protocol=tcp dst-port=23432 action=drop comment="Asylum.010, Asy lum.012, Asylum.013, Asylum.014, MiniAsylum.110" add chain=virus protocol=tcp dst-port=23456 action=drop comment="EvilFTP.100, Va grNocker.400" add chain=virus protocol=tcp dst-port=23476 action=drop comment="DonaldDick.153, DonaldDick.154, DonaldDick.155" add chain=virus protocol=tcp dst-port=23477 action=drop comment="DonaldDick.153" add chain=virus protocol=tcp dst-port=24000 action=drop comment="Infector.170" add chain=virus protocol=tcp dst-port=24307 action=drop comment="Wildek.020" add chain=virus protocol=tcp dst-port=25386 action=drop comment="MoonPie.220" add chain=virus protocol=tcp dst-port=25486 action=drop comment="MoonPie.220" add chain=virus protocol=tcp dst-port=25555 action=drop comment="FreddyK.100, Fr eddyK.200" add chain=virus protocol=tcp dst-port=25556 action=drop comment="FreddyK.100" add chain=virus protocol=tcp dst-port=25685 action=drop comment="MoonPie.010, Mo onPie.012, MoonPie.130, MoonPie.220, MoonPie.240, MoonPie.400" add chain=virus protocol=tcp dst-port=25686 action=drop comment="MoonPie.135, Mo onPie.200, MoonPie.400" add chain=virus protocol=tcp dst-port=25982 action=drop comment="MoonPie.135, Mo onPie.200" add chain=virus protocol=tcp dst-port=26274 action=drop comment="Delta.050" add chain=virus protocol=tcp dst-port=27160 action=drop comment="MoonPie.135, Mo onPie.200" add chain=virus protocol=tcp dst-port=27184 action=drop comment="Alvgus.100, Alv gus.800" add chain=virus protocol=tcp dst-port=27374 action=drop comment="SubSeven" disab

    led=no add chain=virus protocol=tcp dst-port=27374 action=drop comment="Muerte.110, Sub seven.210, SubSeven.213" add chain=virus protocol=tcp dst-port=28429-28436 action=drop comment="Hack'a'Ta ck.2000" add chain=virus protocol=tcp dst-port=29559 action=drop comment="DuckToy.100, Du ckToy.101, Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400" add chain=virus protocol=tcp dst-port=29891 action=drop comment="Unexplained.100 " add chain=virus protocol=tcp dst-port=30000 action=drop comment="Infector.170" add chain=virus protocol=tcp dst-port=30001 action=drop comment="Error32.100" add chain=virus protocol=tcp dst-port=30003 action=drop comment="LamersDeath.100 " add chain=virus protocol=tcp dst-port=30029action=drop comment="AOLTrojan.110" add chain=virus protocol=tcp dst-port=30100-30103 action=drop comment="NetSphere .127, NetSphere.130, NetSphere.131" add chain=virus protocol=tcp dst-port=30103 action=drop comment="NetSphere.131" add chain=virus protocol=tcp dst-port=30947 action=drop comment="Intruse.134" add chain=virus protocol=tcp dst-port=31320 action=drop comment="LittleWitch.400 , LittleWitch.420" add chain=virus protocol=tcp dst-port=31337 action=drop comment="BackOrifice.120 , Khaled.100, OPC.200" add chain=virus protocol=tcp dst-port=31415 action=drop comment="Lithium.101" add chain=virus protocol=tcp dst-port=31416 action=drop comment="Lithium.100, Li thium.101" add chain=virus protocol=tcp dst-port=31557 action=drop comment="Xanadu.110" add chain=virus protocol=tcp dst-port=31631 action=drop comment="CleptoManicos.1 00" add chain=virus protocol=tcp dst-port=31745 action=drop comment="Buschtrommel.10 0, Buschtrommel.122" add chain=virus protocol=tcp dst-port=31785 action=drop comment="Hack'a'Tack.100 , Hack'a'Tack.112" add chain=virus protocol=tcp dst-port=31787 action=drop comment="Hack'a'Tack.100 , Hack'a'Tack.112" add chain=virus protocol=tcp dst-port=31789 action=drop comment="Hack'a'Tack.100 , Hack'a'Tack.112" add chain=virus protocol=tcp dst-port=31791 action=drop comment="Hack'a'Tack.100 , Hack'a'Tack.112" add chain=virus protocol=tcp dst-port=31887 action=drop comment="BDDT.100" add chain=virus protocol=tcp dst-port=31889 action=drop comment="BDDT.100" add chain=virus protocol=tcp dst-port=32100 action=drop comment="ProjectNext.053 " add chain=virus protocol=tcp dst-port=32418 action=drop comment="AcidBattery.100 " add chain=virus protocol=tcp dst-port=32791 action=drop comment="Akropolis.100, Rocks.100" add chain=virus protocol=tcp dst-port=33291 action=drop comment="RemoteHak.001" add chain=virus protocol=tcp dst-port=33333 action=drop comment="Blackharaz.100, Prosiak.047, SubSeven.214" add chain=virus protocol=tcp dst-port=33577 action=drop comment="SonOfPsychward. 020" add chain=virus protocol=tcp dst-port=34324 action=drop comment="TelnetServer.10 0" add chain=virus protocol=tcp dst-port=34763 action=drop comment="Infector.180, I nfector.190, Infector.200" add chain=virus protocol=tcp dst-port=35000 action=drop comment="Infector.190, I nfector.200" add chain=virus protocol=tcp dst-port=35600 action=drop comment="Subsari.140" add chain=virus protocol=tcp dst-port=36794 action=drop comment="BugBear.100" add chain=virus protocol=tcp dst-port=37237 action=drop comment="Mantis.020"

    add chain=virus protocol=tcp dst-port=37651 action=drop comment="YAT.210" add chain=virus protocol=tcp dst-port=37653 action=drop comment="YAT.310" add chain=virus protocol=tcp dst-port=40308 action=drop comment="Subsari.140" add chain=virus protocol=tcp dst-port=40412 action=drop comment="TheSpy.100" add chain=virus protocol=tcp dst-port=40421 action=drop comment="MastersParadise .970" add chain=virus protocol=tcp dst-port=40422 action=drop comment="MastersParadise .970" add chain=virus protocol=tcp dst-port=40999 action=drop comment="DiemsMutter.110 , DiemsMutter.140" add chain=virus protocol=tcp dst-port=41626 action=drop comment="Shah.100" add chain=virus protocol=tcp dst-port=44444 action=drop comment="Prosiak.070" add chain=virus protocol=tcp dst-port=45673 action=drop comment="Akropolis.100, Rocks.100" add chain=virus protocol=tcp dst-port=47262 action=drop comment="Delta.050" add chain=virus protocol=tcp dst-port=48006 action=drop comment="Fragglerock.200 " add chain=virus protocol=tcp dst-port=49683 action=drop comment="HolzPferd.210" add chain=virus protocol=tcp dst-port=50000 action=drop comment="Infector.180" add chain=virus protocol=tcp dst-port=50130 action=drop comment="Enterprise.100" add chain=virus protocol=tcp dst-port=50766 action=drop comment="Fore.100" add chain=virus protocol=tcp dst-port=51234 action=drop comment="Cyn.210" add chain=virus protocol=tcp dst-port=51966 action=drop comment="Cafeini.080, Ca feini.110" add chain=virus protocol=tcp dst-port=54321 action=drop comment="PCInvader.010" add chain=virus protocol=tcp dst-port=57341 action=drop comment="NetRaider.100" add chain=virus protocol=tcp dst-port=57922 action=drop comment="Bionet.084" add chain=virus protocol=tcp dst-port=58008 action=drop comment="Tron.100" add chain=virus protocol=tcp dst-port=58009 action=drop comment="Tron.100" add chain=virus protocol=tcp dst-port=59090 action=drop comment="AcidReign.200" add chain=virus protocol=tcp dst-port=59211 action=drop comment="DuckToy.100, Du ckToy.101" add chain=virus protocol=tcp dst-port=59345 action=drop comment="NewFuture.100" add chain=virus protocol=tcp dst-port=60000 action=drop comment="DeepThroat.300, MiniBacklash.100, MiniBacklash.101, MiniBacklash.101" add chain=virus protocol=tcp dst-port=60411 action=drop comment="Connection.100, Connection.130" add chain=virus protocol=tcp dst-port=60412 action=drop comment="Connection.130" add chain=virus protocol=tcp dst-port=60552 action=drop comment="RoxRat.100" add chain=virus protocol=tcp dst-port=63536 action=drop comment="InsaneNetwork.5 00" add chain=virus protocol=tcp dst-port=63878 action=drop comment="AphexFTP.100" add chain=virus protocol=tcp dst-port=63879 action=drop comment="AphexFTP.100" add chain=virus protocol=tcp dst-port=64969 action=drop comment="Lithium.100" add chain=virus protocol=tcp dst-port=65000 action=drop comment="Socket.100" add chain=virus protocol=tcp dst-port=65506 action=drop comment="PhatBot, Agobot , Gaobot" disabled=no add chain=virus protocol=udp dst-port=1 action=drop comment="SocketsDeTroie.250" add chain=virus protocol=udp dst-port=135-139 action=drop comment="Messenger Wor m" disabled=no add chain=virus protocol=udp dst-port=445 action=drop comment="Blaster Worm" dis abled=no add chain=virus protocol=udp dst-port=666 action=drop comment="Bla.200, Bla.400, Bla.503, Noknok.820" add chain=virus protocol=udp dst-port=1130 action=drop comment="Noknok.800, Nokn ok.820" add chain=virus protocol=udp dst-port=2140 action=drop comment="DeepThroat.100, DeepThroat.200, DeepThroat.310" add chain=virus protocol=udp dst-port=2989 action=drop comment="Rat.200" add chain=virus protocol=udp dst-port=3128 action=drop comment="MastersParadise.

    970" add chain=virus protocol=udp dst-port=3129 action=drop comment="MastersParadise. 920, MastersParadise.970" add chain=virus protocol=udp dst-port=3150 action=drop comment="DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110" add chain=virus protocol=udp dst-port=3333 action=drop comment="Daodan.123" add chain=virus protocol=udp dst-port=3800 action=drop comment="Eclypse.100" add chain=virus protocol=udp dst-port=3996 action=drop comment="RemoteAnything.3 64" add chain=virus protocol=udp dst-port=4000 action=drop comment="RemoteAnything.3 64" add chain=virus protocol=udp dst-port=4444 action=drop comment="Worm" disabled=n o add chain=virus protocol=udp dst-port=5555 action=drop comment="Daodan.123" add chain=virus protocol=udp dst-port=5881 action=drop comment="Y3KRat.110, Y3KR at.140" add chain=virus protocol=udp dst-port=5882 action=drop comment="Y3KRat.100, Y3KR at.110, Y3KRat.120, Y3KRat.140, Y3KRat.150" add chain=virus protocol=udp dst-port=5883 action=drop comment="Y3KRat.110, Y3KR at.140" add chain=virus protocol=udp dst-port=5884 action=drop comment="Y3KRat.140, Y3KR at.150" add chain=virus protocol=udp dst-port=5885 action=drop comment="Y3KRat.110, Y3KR at.120, Y3KRat.140" add chain=virus protocol=udp dst-port=5886 action=drop comment="Y3KRat.120, Y3KR at.140" add chain=virus protocol=udp dst-port=5887 action=drop comment="Y3KRat.110, Y3KR at.120, Y3KRat.140" add chain=virus protocol=udp dst-port=5888 action=drop comment="Y3KRat.100, Y3KR at.110, Y3KRat.120, Y3KRat.150" add chain=virus protocol=udp dst-port=6953 action=drop comment="Lithium.100" add chain=virus protocol=udp dst-port=8012 action=drop comment="Ptakks.217" add chain=virus protocol=udp dst-port=10067 action=drop comment="PortalOfDoom.10 0" add chain=virus protocol=udp dst-port=10167 action=drop comment="PortalOfDoom.10 0" add chain=virus protocol=udp dst-port=10666 action=drop comment="Ambush.100" add chain=virus protocol=udp dst-port=11225 action=drop comment="Cyn.100, Cyn.10 3, Cyn.120" add chain=virus protocol=udp dst-port=11306 action=drop comment="Noknok.800, Nok nok.820" add chain=virus protocol=udp dst-port=12389 action=drop comment="KheSanh.210" add chain=virus protocol=udp dst-port=12623 action=drop comment="Buttman.090, Bu ttman.100" add chain=virus protocol=udp dst-port=12625 action=drop comment="Buttman.100" add chain=virus protocol=udp dst-port=14100 action=drop comment="Eurosol.100" add chain=virus protocol=udp dst-port=23476 action=drop comment="DonaldDick.155" add chain=virus protocol=udp dst-port=26274 action=drop comment="Delta.050" add chain=virus protocol=udp dst-port=27184 action=drop comment="Alvgus.100" add chain=virus protocol=udp dst-port=28431-28436 action=drop comment="Hack'a'Ta ck.2000" add chain=virus protocol=udp dst-port=29891 action=drop comment="Unexplained.100 " add chain=virus protocol=udp dst-port=30103 action=drop comment="NetSphere.131" add chain=virus protocol=udp dst-port=31320 action=drop comment="LittleWitch.400 , LittleWitch.420" add chain=virus protocol=udp dst-port=31337 action=drop comment="BackOrifice.120 , OPC.200" add chain=virus protocol=udp dst-port=31416 action=drop comment="Lithium.100, Li thium.101"

    add chain=virus protocol=udp dst-port=31789 action=drop comment="Hack'a'Tack.100 , Hack'a'Tack.112" add chain=virus protocol=udp dst-port=31791 action=drop comment="Hack'a'Tack.100 , Hack'a'Tack.112" add chain=virus protocol=udp dst-port=33333 action=drop comment="Blackharaz.100" add chain=virus protocol=udp dst-port=47262 action=drop comment="Delta.050" add chain=virus protocol=udp dst-port=49683 action=drop comment="HolzPferd.210" add chain=virus protocol=udp dst-port=60000 action=drop comment="MiniBacklash.10 0" add chain=forward protocol=tcp dst-port=80 src-address-list=LAN action=accept co mment="Web" disabled=no add chain=forward connection-state=established action=accept comment="allow esta blished connections" disabled=no add chain=forward connection-state=related action=accept comment="allow related connections" disabled=no add chain=forward connection-state=invalid action=drop comment="invalid" add chain=forward action=jump jump-target=virus comment="jump to the virus chain " disabled=no add chain=input protocol=tcp dst-port=21 src-address-list=LAN action=accept comm ent="FTP" disabled=no add chain=input protocol=tcp dst-port=22 src-address-list=LAN action=accept comm ent="SSH for secure shell" disabled=no add chain=input protocol=tcp dst-port=23 src-address-list=LAN action=accept comm ent="Telnet" disabled=no add chain=input protocol=tcp dst-port=8291 src-address-list=LAN action=accept co mment="winbox" disabled=no add chain=input protocol=tcp dst-port=1723 action=accept comment="pptp-server" d isabled=no add chain=input protocol=udp action=accept comment="UDP" disabled=no add chain=input protocol=icmp limit=50/5s, 2 action=accept comment="allow limite d pings" disabled=no add chain=input protocol=icmp action=drop comment="excess pings" disabled=no add chain=input connection-state=established action=accept comment="Accept estab lished connections" disabled=no add chain=input connection-state=related action=accept comment="Accept related c onnections" disabled=no add chain=input connection-state=invalid action=drop comment="invalid connection s" disabled=no add chain=input src-address-list=LAN action=accept comment="Local network" disab led=no add chain=input action=log log-prefix="INPUT" comment="Log everything else" disa bled=no add chain=input action=drop comment="everything else" disabled=no

    Das könnte Ihnen auch gefallen