May
13
Drop Port Scanner
ByUntuk memprotek router dari port scanner, kita bisa menyimpan IP hacker yang mencoba scan mikrotik anda. Menggunakan address-list kita bisa drop koneksi dari IP-IP yang terindikasi sebagai port scanner.
di /ip firewall filter
add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="Port scanners to list " disabled=no
Kombinasi dari TCP flags bisa diindikasikan aktifitas dari port scanner.
add chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="NMAP FIN Stealth scan"
add chain=input protocol=tcp tcp-flags=fin,syn action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="SYN/FIN scan"
add chain=input protocol=tcp tcp-flags=syn,rst action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="SYN/RST scan"
add chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="FIN/PSH/URG scan"
add chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="ALL/ALL scan"
add chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="NMAP NULL scan"
Kemudian anda bisa drop IP tersebut :
add chain=input src-address-list="port scanners" action=drop comment="dropping port scanners" disabled=no
Dengan cara yang sama, anda bisa drop port scanner dalam chain forward, ganti kode diatas dengan “chain=forward”.
search terms
port scanner (5)menghindari port scanning dengan mikrotik (2)effect menutup port scaner di mikrotik (2)script port scanner mikrotik (2)cara scan ip di mikrotik (2)blok port scanner mikrotik (2)mikrotik script for port scanning (1)mikrotik scanner (1)mikrotik PORT SCANNER1 (1)mikrotik port scanner tutorial (1)mikrotik port scanner script (1)mikrotik chain port scanner (1)mikrotik block port scanner (1)mikrotik anti scan (1)mikrotik tidak bisa dropped (1)web yang bisa scan ip dan port (1)trik blok port (1)trik block torrent mikrotik (1)setting mikrotik block scan ip (1)script mikrotik blok ip scanning (1)
Related Posts
-
eddy
