Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • Anti Netcut

    Încărcat de

    Andreas B Kresnawan
    544 vizualizări3 pagini

    Drepturi de autor

    © Attribution Non-Commercial (BY-NC)

    Formate disponibile

    TXT, PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document

    Drepturi de autor:

    Attribution Non-Commercial (BY-NC)
    Descărcați ca TXT, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    544 vizualizări3 pagini

    Anti Netcut

    Încărcat de

    Andreas B Kresnawan

    Drepturi de autor:

    Attribution Non-Commercial (BY-NC)
    Descărcați ca TXT, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 3

    1.

    disable p2p connections / system scriptadd name="stop_dc1" source="ip firewall rule forward enable \[/ip firewall rule forwardfind action=drop\]\n" \ policy=ftp,reboot,read,write,polic y,testfor RouterOS v2.9 it looks like this:/ system scriptadd name="stop_dc1" so urce="ip firewall filter enable \[/ip firewall filter find action=drop\]\n" \pol icy=ftp,reboot,read,write,policy,test 2. enable p2p connections / system scriptadd name="start_dc1" source="ip firewall rule forward disable \[/ ip firewall rule forward find \action=drop\]\n" policy=ftp,reboot,read,write,pol icy,test(I have to add that for these two scripts you have to have a firewall ru le: )/ ip firewall rule forwardadd p2p=all-p2p action=drop comment="" disabled=n o This example will explain you ?How to Block Web Sites? & ?How to Stop Downloadin g?. I have useWeb-Proxy test Package.First, Configure Proxy. /ip proxyenabled: yessrc-address: 0.0.0.0port: 8080parent-proxy: 0.0.0.0:0cachedrive: systemcache-administrator: "ASHISH PATEL"max-disk-cache-size: nonemax-ram -cache-size: nonecache-only-on-disk: nomaximal-client-connections: 1000maximal-s erver-connections: 1000max-object-size: 512KiBmax-fresh-time: 3d Now, Make it Transparent /ip firewall natchain=dstnat protocol=tcp dst-port=80 action=redirect to-ports=8 080 Make sure that your proxy is NOT a Open Proxy /ip firewall filterchain=input in-interface= src-address=0.0.0.0/0 protocol=tcp dst-port=8080 action=drop Now for Blocking Websites /ip proxy accessdst-host=www.vansol27.com action=deny It will block website http://www.vansol27.com, We can always block the same for different networksby giving src-address. It will block for particular source add ress.We can also stop downloading files like.mp3, .exe, .dat, .avi,?etc. /ip proxy accesspath=*.exe action=denypath=*.mp3 action=denypath=*.zip action=de nypath=*.rar action=deny. Try with this also /ip proxy accessdst-host=:mail action=deny This will block all the websites contain word ?mail? in url.Example: It will blo ck www.hotmail.com, mail.yahoo.com,www.rediffmail.com /ip firewall filter add action=accept chain=input comment="Anti-Netcut" disabled=no dst-port=? 0-655 35 protocol=tcpsrc-address=61.213.183.1-61.213.183.254add action=accept chain=in put comment="Anti-Netcut" disabled=no dst-port=? 0-65535 protocol=tcpsrc-address =67.195.134.1-67.195.134.254add action=accept chain=input comment="Anti-Netcut" disabled=no dst-port=? 0-65535 protocol=tcpsrc-address=68.142.233.1-68.142.233.2 54add action=accept chain=input comment="Anti-Netcut" disabled=no dst-port=? 0-6 5535 protocol=tcpsrc-address=68.180.217.1-68.180.217.254add action=accept chain= input comment="Anti-Netcut" disabled=no dst-port=? 0-65535 protocol=tcpsrc-addre ss=203.84.204.1-203.84.204.254add action=accept chain=input comment="Anti-Netcut " disabled=no dst-port=? 0-65535 protocol=tcpsrc-address=69.63.176.1-69.63.176.2 54add action=accept chain=input comment="Anti-Netcut" disabled=no dst-port=? 0-6 5535 protocol=tcpsrc-address=69.63.181.1-69.63.181.254add action=accept chain=in put comment="Anti-Netcut" disabled=no dst-port=? 0-65535 protocol=tcpsrc-address =63.245.209.1-63.245.209.254add action=accept chain=input comment="Anti-Netcut" disabled=no dst-port=? 0-65535 protocol=tcpsrc-address=63.245.213.1-63.245.213.2 54Versi laen anti net cut for mikocok: /ip firewall filter add action=add-src-to-address-list address-list=DDOS address-list-timeout=15s \ chain=input comment=" disabled=no dst-port=1337 protocol=tcp

    add action=add-src-to-address-list address-list=DDOS address-list-timeout=15m \ chain=input comment=" disabled=no dst-port=7331 protocol=tcp src-address-list=kno ck add action=add-src-to-address-list address-list=port scanners address-list-timeout =2w \chain=input comment=Port scanners to list disabled=no protocol=tcp psd=21,3s ,3,1 add action=add-src-to-address-list address-list=port scanners address-list-timeout =2w \chain=input comment=SYN/FIN scan disabled=no protocol=tcp tcp-flags=fin,syn add action=add-src-to-address-list address-list=port scanners address-list-timeout =2w \chain=input comment=SYN/RST scan disabled=no protocol=tcp tcp-flags=syn,rst add action=add-src-to-address-list address-list=port scanners address-list-timeout =2w \chain=input disabled=no tcp-flags=fin,psh,urg,!syn,!rst,!ack protocol=tcp \comment=FIN/PSH/URG scan add action=add-src-to-address-list address-list=port scanners address-list-timeout =2w \chain=input disabled=no protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg \ comment=ALL/ALL scan add action=add-src-to-address-list address-list=port scanners address-list-timeout =2w \chain=input tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg comment=NMAP NULL scan \ disabled=no protocol=tcp add action=add-src-to-address-list address-list=port scanners address-list-timeout =2w \chain=input comment=NMAP FIN Stealth scan disabled=no protocol=tcp add action=accept chain=input comment=ANTI NETCUT disabled=no dst-port=0-65535 \pr otocol=tcp src-address=61.213.183.1-61.213.183.254 add action=accept chain=input comment=ANTI NETCUT disabled=no dst-port=0-65535 \pr otocol=tcp src-address=67.195.134.1-67.195.134.254 add action=accept chain=input comment=ANTI NETCUT disabled=no dst-port=0-65535 \pr otocol=tcp src-address=68.142.233.1-68.142.233.254 add action=accept chain=input comment=ANTI NETCUT disabled=no dst-port=0-65535 \pr otocol=tcp src-address=68.180.217.1-68.180.217.254 add action=accept chain=input comment=ANTI NETCUT disabled=no dst-port=0-65535 \pr otocol=tcp src-address=203.84.204.1-203.84.204.254 add action=accept chain=input comment=ANTI NETCUT disabled=no dst-port=0-65535 \pr otocol=tcp src-address=69.63.176.1-69.63.176.254 add action=accept chain=input comment=ANTI NETCUT disabled=no dst-port=0-65535 \pr otocol=tcp src-address=69.63.181.1-69.63.181.254 add action=accept chain=input comment=ANTI NETCUT disabled=no dst-port=0-65535 \pr otocol=tcp src-address=63.245.209.1-63.245.209.254 add action=accept chain=input comment=ANTI NETCUT disabled=no dst-port=0-65535 \pr otocol=tcp src-address=63.245.213.1-63.245.213.254 thanks for ANDRI SUWIGNYO

    mencegah_netcut_dMikrotik Download this Document for FreePrintMobileCollectionsReport Document Info and Rating Leo Susanto Leo_Susanto_8081 Share & Embed More from this user PreviousNext 3 p. 7 p. Add a Comment Upload a Document Search Documents Follow Us! scribd.com/scribd twitter.com/scribd facebook.com/scribd About Press Blog Partners Scribd 101 Web Stuff Scribd Store Support FAQ Developers / API Jobs Terms Copyright Privacy Copyright 2011 Scribd Inc. Language: English

    S-ar putea să vă placă și