Reglas Principales de Mikrotik
Estas son reglas principales que se agregan en cualquier dispositivo Mikrotik:
OJO, primero hay que agregar un address-list con la IP que va a administrar, caso contrario se puede perder la coneccion por Capa 3 al router:::::ojo::::::
# aug/27/2012 16:24:50 by RouterOS 5.19
# software id = 5T4Z-RWDF
#
/ip firewall filter
add action=accept chain=input comment="accept established connection packets" \
connection-state=established disabled=no
add action=accept chain=input comment="accept related connection packets" \
connection-state=related disabled=no
add action=drop chain=input comment="drop invalid packets" connection-state=\
invalid disabled=no
add action=accept chain=input comment=\
"Allow access to router from known network" disabled=no src-address-list=\
permitidos
add action=drop chain=input comment="detect and drop port scan connections" \
disabled=no protocol=tcp psd=21,3s,3,1
add action=tarpit chain=input comment="suppress DoS attack" connection-limit=\
3,32 disabled=no protocol=tcp src-address-list=black_list
add action=add-src-to-address-list address-list=black_list \
address-list-timeout=1d chain=input comment="detect DoS attack" \
connection-limit=10,32 disabled=no protocol=tcp
add action=jump chain=input comment="jump to chain ICMP" disabled=no \
jump-target=ICMP protocol=icmp
add action=accept chain=input comment="Allow Broadcast Traffic" disabled=no \
dst-address-type=broadcast
add action=log chain=input disabled=no log-prefix=Filter:
add action=drop chain=input comment="drop everything else" disabled=no
add action=accept chain=ICMP comment="0:0 and limit for 5pac/s" disabled=no \
icmp-options=0:0-255 limit=5,5 protocol=icmp
add action=accept chain=ICMP comment="3:3 and limit for 5pac/s" disabled=no \
icmp-options=3:3 limit=5,5 protocol=icmp
add action=accept chain=ICMP comment="3:4 and limit for 5pac/s" disabled=no \
icmp-options=3:4 limit=5,5 protocol=icmp
add action=accept chain=ICMP comment="8:0 and limit for 5pac/s" disabled=no \
icmp-options=8:0-255 limit=5,5 protocol=icmp
add action=accept chain=ICMP comment="11:0 and limit for 5pac/s" disabled=no \
icmp-options=11:0-255 limit=5,5 protocol=icmp
add action=drop chain=ICMP comment="Drop everything else" disabled=no \
protocol=icmp
add action=accept chain=services comment="accept localhost" disabled=no \
dst-address=127.0.0.1 src-address-list=127.0.0.1
add action=accept chain=services comment="allow MACwinbox " disabled=no \
dst-port=20561 protocol=udp
add action=accept chain=services comment="Bandwidth server" disabled=no \
dst-port=2000 protocol=tcp
add action=accept chain=services comment=" MT Discovery Protocol" disabled=no \
dst-port=5678 protocol=udp
add action=accept chain=services comment="allow SNMP" disabled=yes dst-port=\
161 protocol=tcp
add action=accept chain=services comment="Allow BGP" disabled=yes dst-port=\
179 protocol=tcp
add action=accept chain=services comment="allow BGP" disabled=yes dst-port=\
5000-5100 protocol=udp
add action=accept chain=services comment="Allow NTP" disabled=yes dst-port=\
123 protocol=udp
add action=accept chain=services comment="Allow PPTP" disabled=yes dst-port=\
1723 protocol=tcp
add action=accept chain=services comment="allow PPTP and EoIP" disabled=yes \
protocol=gre
add action=accept chain=services comment="allow DNS request" disabled=yes \
dst-port=53 protocol=tcp
add action=accept chain=services comment="Allow DNS request" disabled=yes \
dst-port=53 protocol=udp
add action=accept chain=services comment=UPnP disabled=yes dst-port=1900 \
protocol=udp
add action=accept chain=services comment=UPnP disabled=yes dst-port=2828 \
protocol=tcp
add action=accept chain=services comment="allow DHCP" disabled=yes dst-port=\
67-68 protocol=udp
add action=accept chain=services comment="allow Web Proxy" disabled=yes \
dst-port=8080 protocol=tcp
add action=accept chain=services comment="allow IPIP" disabled=yes protocol=\
ipencap
add action=accept chain=services comment="allow https for Hotspot" disabled=\
yes dst-port=443 protocol=tcp
add action=accept chain=services comment="allow Socks for Hotspot" disabled=\
yes dst-port=1080 protocol=tcp
add action=accept chain=services comment="allow IPSec connections" disabled=\
yes dst-port=500 protocol=udp
add action=accept chain=services comment="allow IPSec" disabled=yes protocol=\
ipsec-esp
add action=accept chain=services comment="allow IPSec" disabled=yes protocol=\
ipsec-ah
add action=accept chain=services comment="allow RIP" disabled=yes dst-port=\
520-521 protocol=udp
add action=accept chain=services comment="allow OSPF" disabled=yes protocol=\
ospf
add action=accept chain=forward comment="FWD - CONECCIONES ESTABLECIDAS" \
connection-state=established disabled=no
add action=accept chain=forward comment="FWD - CONECCIONES RELACIONADAS" \
connection-state=related disabled=no
add action=drop chain=forward comment="FWD - CONECCIONES INVALIDAS" \
connection-state=invalid disabled=no
add action=jump chain=forward comment="JUMP - A REGLAS ICMP" disabled=no \
jump-target=ICMP
add action=drop chain=virus comment="LISTA DE virus ==========================\
==========================================================================\
=====================================================" disabled=no \
protocol=tcp src-port=445
add action=drop chain=virus disabled=no dst-port=445 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no protocol=\
udp src-port=445
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=\
445 protocol=udp
add action=drop chain=virus disabled=no protocol=tcp src-port=135-139
add action=drop chain=virus disabled=no protocol=udp src-port=135-139
add action=drop chain=virus disabled=no dst-port=135-139 protocol=tcp
add action=drop chain=virus disabled=no dst-port=135-139 protocol=udp
add action=drop chain=virus comment=________ disabled=no dst-port=593 \
protocol=tcp
add action=drop chain=virus comment=________ disabled=no dst-port=1024-1030 \
protocol=tcp
add action=drop chain=virus comment="Drop MyDoom" disabled=no dst-port=1080 \
protocol=tcp
add action=drop chain=virus comment=________ disabled=no dst-port=1214 \
protocol=tcp
add action=drop chain=virus comment="ndm requester" disabled=no dst-port=1363 \
protocol=tcp
add action=drop chain=virus comment="ndm server" disabled=no dst-port=1364 \
protocol=tcp
add action=drop chain=virus comment="screen cast" disabled=no dst-port=1368 \
protocol=tcp
add action=drop chain=virus comment=hromgrafx disabled=no dst-port=1373 \
protocol=tcp
add action=drop chain=virus comment=cichlid disabled=no dst-port=1377 \
protocol=tcp
add action=drop chain=virus comment=Worm disabled=no dst-port=1433-1434 \
protocol=tcp
add action=drop chain=virus comment="Bagle virus" disabled=no dst-port=2745 \
protocol=tcp
add action=drop chain=virus comment="Drop Dumaru.Y" disabled=no dst-port=2283 \
protocol=tcp
add action=drop chain=virus comment="Drop Beagle" disabled=no dst-port=2535 \
protocol=tcp
add action=drop chain=virus comment="Drop Beagle.C-K" disabled=no dst-port=\
2745 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom" disabled=no dst-port=3127 \
protocol=tcp
add action=drop chain=virus comment="Drop Backdoor OptixPro" disabled=no \
dst-port=3410 protocol=tcp
add action=drop chain=virus comment=Worm disabled=no dst-port=4444 protocol=\
tcp
add action=drop chain=virus comment=Worm disabled=no dst-port=4444 protocol=\
udp
add action=drop chain=virus comment="Drop Sasser" disabled=no dst-port=5554 \
protocol=tcp
add action=drop chain=virus comment="Drop Beagle.B" disabled=no dst-port=8866 \
protocol=tcp
add action=drop chain=virus comment="Drop Dabber.A-B" disabled=no dst-port=\
9898 protocol=tcp
add action=drop chain=virus comment="Drop Dumaru.Y" disabled=no dst-port=\
10000 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom.B" disabled=no dst-port=\
10080 protocol=tcp
add action=drop chain=virus comment="Drop NetBus" disabled=no dst-port=12345 \
protocol=tcp
add action=drop chain=virus comment="Drop Kuang2" disabled=no dst-port=17300 \
protocol=tcp
add action=drop chain=virus comment="Drop SubSeven" disabled=no dst-port=\
27374 protocol=tcp
add action=drop chain=virus comment="Drop PhatBot, Agobot, Gaobot" disabled=\
no dst-port=65506 protocol=tcp
add action=drop chain=virus disabled=no dst-port=513 protocol=tcp
add action=drop chain=virus disabled=no dst-port=513 protocol=udp
add action=drop chain=virus disabled=no dst-port=525 protocol=tcp
add action=drop chain=virus disabled=no dst-port=525 protocol=udp
add action=drop chain=virus disabled=no dst-port=568-569 protocol=tcp
add action=drop chain=virus disabled=no dst-port=568-569 protocol=udp
add action=drop chain=virus disabled=no dst-port=1512 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1512 protocol=udp
add action=drop chain=virus disabled=no dst-port=396 protocol=tcp
add action=drop chain=virus disabled=no dst-port=396 protocol=udp
add action=drop chain=virus disabled=no dst-port=1366 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1366 protocol=udp
add action=drop chain=virus disabled=no dst-port=1416 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1416 protocol=udp
add action=drop chain=virus disabled=no dst-port=201-209 protocol=tcp
add action=drop chain=virus disabled=no dst-port=201-209 protocol=udp
add action=drop chain=virus disabled=no dst-port=545 protocol=tcp
add action=drop chain=virus disabled=no dst-port=545 protocol=udp
add action=drop chain=virus disabled=no dst-port=1381 protocol=udp
add action=drop chain=virus disabled=no dst-port=1381 protocol=tcp
add action=drop chain=virus disabled=no dst-port=3031 protocol=tcp
add action=drop chain=virus disabled=no dst-port=3031 protocol=udp
add action=drop chain=virus comment="2000 cracks" disabled=no dst-port=6776 \
protocol=tcp
add action=drop chain=virus comment="Acid Battery" disabled=no dst-port=32418 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=2000 protocol=tcp
add action=drop chain=virus disabled=no dst-port=52317 protocol=tcp
add action=drop chain=virus comment="Acid Shivers" disabled=no dst-port=10520 \
protocol=tcp
add action=drop chain=virus comment="Agent 31" disabled=no dst-port=31 \
protocol=tcp
add action=drop chain=virus comment="Agent 40421" disabled=no dst-port=40421 \
protocol=tcp
add action=drop chain=virus comment="Aim Spy" disabled=no dst-port=777 \
protocol=tcp
add action=drop chain=virus comment=Ambush disabled=no dst-port=10666 \
protocol=tcp
add action=drop chain=virus comment="AOL Trojan" disabled=no dst-port=30029 \
protocol=tcp
add action=drop chain=virus comment="Attack FTP" disabled=no dst-port=666 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=7789 protocol=tcp
add action=drop chain=virus comment="Back Orifice" disabled=no dst-port=\
31337-31338 protocol=tcp
add action=drop chain=virus comment="Back Orifice 2000" disabled=no dst-port=\
54320-54321 protocol=tcp
add action=drop chain=virus disabled=no dst-port=8787 protocol=tcp
add action=drop chain=virus comment="Back Orifice DLL" disabled=no dst-port=\
1349 protocol=udp
add action=drop chain=virus comment=BackDoor disabled=no dst-port=1999 \
protocol=tcp
add action=drop chain=virus comment=BackDoor-G disabled=no dst-port=1243 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=6776 protocol=tcp
add action=drop chain=virus comment=BackDoor-QE disabled=no dst-port=10452 \
protocol=tcp
add action=drop chain=virus comment=BackDoor-QO disabled=no dst-port=3332 \
protocol=tcp
add action=drop chain=virus comment=BackDoor-QR disabled=no dst-port=\
12973-12975 protocol=tcp
add action=drop chain=virus comment=BackFire disabled=no dst-port=31337 \
protocol=tcp
add action=drop chain=virus comment="Baron Night" disabled=no dst-port=31337 \
protocol=tcp
add action=drop chain=virus comment="Big Gluck (TN)" disabled=no dst-port=\
34324 protocol=tcp
add action=drop chain=virus comment=BioNet disabled=no dst-port=12349 \
protocol=tcp
add action=drop chain=virus comment=Bla disabled=no dst-port=1042 protocol=\
tcp
add action=drop chain=virus disabled=no dst-port=20331 protocol=tcp
add action=drop chain=virus comment="BO client" disabled=no dst-port=31337 \
protocol=tcp
add action=drop chain=virus comment="BO Facil" disabled=no dst-port=5556-5557 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=31337 protocol=tcp
add action=drop chain=virus comment="Bo Wack" disabled=no dst-port=31336 \
protocol=tcp
add action=drop chain=virus comment=BoBo disabled=no dst-port=4321 protocol=\
tcp
add action=drop chain=virus comment="BOWhack " disabled=no dst-port=31666 \
protocol=tcp
add action=drop chain=virus comment="BrainSpy " disabled=no dst-port=10101 \
protocol=tcp
add action=drop chain=virus comment=Bubbel disabled=no dst-port=5000 \
protocol=tcp
add action=drop chain=virus comment=BugBear disabled=no dst-port=36794 \
protocol=tcp
add action=drop chain=virus comment=Bugs disabled=no dst-port=2115 protocol=\
tcp
add action=drop chain=virus comment=Bunker-Hill disabled=no dst-port=61348 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=61603 protocol=tcp
add action=drop chain=virus disabled=no dst-port=63485 protocol=tcp
add action=drop chain=virus comment="Cain e Abel" disabled=no dst-port=666 \
protocol=tcp
add action=drop chain=virus comment=Chargen disabled=no dst-port=9 protocol=\
udp
add action=drop chain=virus comment=Chupacabra disabled=no dst-port=20203 \
protocol=tcp
add action=drop chain=virus comment=Coma disabled=no dst-port=10607 protocol=\
tcp
add action=drop chain=virus comment="Cyber Attacker" disabled=no dst-port=\
9876 protocol=tcp
add action=drop chain=virus comment="Dark Shadow " disabled=no dst-port=911 \
protocol=tcp
add action=drop chain=virus comment=Death disabled=no dst-port=2 protocol=tcp
add action=drop chain=virus comment="Deep Back Orifice" disabled=no dst-port=\
31338 protocol=tcp
add action=drop chain=virus comment="Deep Throat" disabled=no dst-port=41 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=2140 protocol=tcp
add action=drop chain=virus disabled=no dst-port=3150 protocol=tcp
add action=drop chain=virus disabled=no dst-port=6771 protocol=tcp
add action=drop chain=virus comment="Deep Throat v2" disabled=no dst-port=\
6670 protocol=tcp
add action=drop chain=virus disabled=no dst-port=6711 protocol=tcp
add action=drop chain=virus disabled=no dst-port=60000 protocol=tcp
add action=drop chain=virus comment="Deep Throat v3" disabled=no dst-port=\
6674 protocol=tcp
add action=drop chain=virus comment=DeepBO disabled=no dst-port=31337 \
protocol=udp
add action=drop chain=virus comment=DeepThroat disabled=no dst-port=999 \
protocol=tcp
add action=drop chain=virus comment="Delta Source" disabled=no dst-port=26274 \
protocol=udp
add action=drop chain=virus disabled=no dst-port=47262 protocol=udp
add action=drop chain=virus comment="Der Spacher 3" disabled=no dst-port=\
1000-1001 protocol=tcp
add action=drop chain=virus disabled=no dst-port=2000-2001 protocol=tcp
add action=drop chain=virus comment=Devil disabled=no dst-port=65000 \
protocol=tcp
add action=drop chain=virus comment="Digital RootBeer" disabled=no dst-port=\
2600 protocol=tcp
add action=drop chain=virus comment="DMsetup " disabled=no dst-port=58-59 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=1010-1012 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1015 protocol=tcp
add action=drop chain=virus comment="Donald Dick" disabled=no dst-port=\
23476-23477 protocol=tcp
add action=drop chain=virus comment=DRAT disabled=no dst-port=48 protocol=tcp
add action=drop chain=virus disabled=no dst-port=50 protocol=tcp
add action=drop chain=virus comment="DUN Control" disabled=no dst-port=12623 \
protocol=udp
add action=drop chain=virus comment=Eclipse disabled=no dst-port=2000 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=3459 protocol=tcp
add action=drop chain=virus comment=Eclypse disabled=no dst-port=3801 \
protocol=udp
add action=drop chain=virus comment="Evil FTP" disabled=no dst-port=23456 \
protocol=tcp
add action=drop chain=virus comment="File Nail" disabled=no dst-port=4567 \
protocol=tcp
add action=drop chain=virus comment=Firehotcker disabled=no dst-port=79 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=5321 protocol=tcp
add action=drop chain=virus comment=Fore disabled=no dst-port=50766 protocol=\
tcp
add action=drop chain=virus comment=FTP99cmp disabled=no dst-port=1492 \
protocol=tcp
add action=drop chain=virus comment="Gaban Bus" disabled=no dst-port=\
12345-12346 protocol=tcp
add action=drop chain=virus comment="GirlFriend " disabled=no dst-port=21554 \
protocol=tcp
add action=drop chain=virus comment=Gjamer disabled=no dst-port=12076 \
protocol=tcp
add action=drop chain=virus comment="Hack '99 KeyLogger" disabled=no \
dst-port=12223 protocol=tcp
add action=drop chain=virus comment="Hack 'a' Tack" disabled=no dst-port=\
31780-31785 protocol=tcp
add action=drop chain=virus disabled=no dst-port=31787-31789 protocol=tcp
add action=drop chain=virus comment="Hack 'a' Tack" disabled=no dst-port=\
31791-31792 protocol=udp
add action=drop chain=virus comment="HackCity Ripper Pro" disabled=no \
dst-port=2023 protocol=tcp
add action=drop chain=virus comment="Hackers Paradise " disabled=no dst-port=\
31 protocol=tcp
add action=drop chain=virus disabled=no dst-port=456 protocol=tcp
add action=drop chain=virus comment=HackOffice disabled=no dst-port=8897 \
protocol=tcp
add action=drop chain=virus comment="Happy 99" disabled=no dst-port=119 \
protocol=tcp
add action=drop chain=virus comment="Hidden Port" disabled=no dst-port=99 \
protocol=tcp
add action=drop chain=virus comment="Host Control " disabled=no dst-port=6669 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=11050 protocol=tcp
add action=drop chain=virus comment="HVL Rat5" disabled=no dst-port=2283 \
protocol=tcp
add action=drop chain=virus comment=icKiller disabled=no dst-port=7789 \
protocol=tcp
add action=drop chain=virus comment=\
"ICQ (ICQ.com - community, people search and messaging service!)" \
disabled=no dst-port=1027-1029 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1032 protocol=tcp
add action=drop chain=virus comment="ICQ Revenge" disabled=no dst-port=16772 \
protocol=tcp
add action=drop chain=virus comment="ICQ Revenge" disabled=no dst-port=19864 \
protocol=tcp
add action=drop chain=virus comment="ICQ Trojan" disabled=no dst-port=4590 \
protocol=tcp
add action=drop chain=virus comment="Illusion Mailer" disabled=no dst-port=\
2155 protocol=tcp
add action=drop chain=virus disabled=no dst-port=5512 protocol=tcp
add action=drop chain=virus comment=InCommand disabled=no dst-port=9400 \
protocol=tcp
add action=drop chain=virus comment=Indoctrination disabled=no dst-port=6939 \
protocol=tcp
add action=drop chain=virus comment=Infector disabled=no dst-port=146 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=146 protocol=udp
add action=drop chain=virus comment=iNi-Killer disabled=no dst-port=555 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=9989 protocol=tcp
add action=drop chain=virus comment="Insane Network" disabled=no dst-port=\
2000 protocol=tcp
add action=drop chain=virus comment=IRC-3 disabled=no dst-port=6969 protocol=\
tcp
add action=drop chain=virus comment=JammerKillah disabled=no dst-port=121 \
protocol=tcp
add action=drop chain=virus comment=Kazimas disabled=no dst-port=113 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=7000 protocol=tcp
add action=drop chain=virus comment="Kuang2 " disabled=no dst-port=17300 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=30999 protocol=tcp
add action=drop chain=virus comment=Logged disabled=no dst-port=20203 \
protocol=tcp
add action=drop chain=virus comment="Masters' Paradise" disabled=no dst-port=\
3129 protocol=tcp
add action=drop chain=virus disabled=no dst-port=40421-40423 protocol=tcp
add action=drop chain=virus disabled=no dst-port=40425-40426 protocol=tcp
add action=drop chain=virus comment="Mavericks Matrix" disabled=no dst-port=\
1269 protocol=tcp
add action=drop chain=virus comment=Millenium disabled=no dst-port=\
20000-20001 protocol=tcp
add action=drop chain=virus comment=MiniCommand disabled=no dst-port=1050 \
protocol=tcp
add action=drop chain=virus comment=Mosucker disabled=no dst-port=16484 \
protocol=tcp
add action=drop chain=virus comment=Nephron disabled=no dst-port=17777 \
protocol=tcp
add action=drop chain=virus comment="Net Controller" disabled=no dst-port=123 \
protocol=tcp
add action=drop chain=virus comment="Netbios datagram (DoS Attack)" disabled=\
no dst-port=138 protocol=tcp
add action=drop chain=virus comment="Netbios name (DoS Attack)" disabled=no \
dst-port=137 protocol=tcp
add action=drop chain=virus comment="Netbios session (DoS Attack)" disabled=\
no dst-port=139 protocol=tcp
add action=drop chain=virus comment="NetBus Pro" disabled=no dst-port=20034 \
protocol=tcp
add action=drop chain=virus comment=NetMetropolitan disabled=no dst-port=5031 \
protocol=tcp
add action=drop chain=virus comment=NetMonitor disabled=no dst-port=7300-7301 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=7306-7308 protocol=tcp
add action=drop chain=virus comment=NetRaider disabled=no dst-port=57341 \
protocol=tcp
add action=drop chain=virus comment=NETrojan disabled=no dst-port=1313 \
protocol=tcp
add action=drop chain=virus comment=NetSphere disabled=no dst-port=\
30100-30103 protocol=tcp
add action=drop chain=virus comment=NetSpy disabled=no dst-port=1024-1033 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=31338-31339 protocol=tcp
add action=drop chain=virus comment=NoBackO disabled=no dst-port=1200-1201 \
protocol=udp
add action=drop chain=virus comment="One of the Last Trojan (OOTLT)" \
disabled=no dst-port=5011 protocol=tcp
add action=drop chain=virus comment="OpC BO" disabled=no dst-port=1969 \
protocol=tcp
add action=drop chain=virus comment="Phineas Phucker" disabled=no dst-port=\
2801 protocol=tcp
add action=drop chain=virus comment="Portal of Doom" disabled=no dst-port=\
10067 protocol=udp
add action=drop chain=virus disabled=no dst-port=10167 protocol=udp
add action=drop chain=virus comment=Priority disabled=no dst-port=16969 \
protocol=tcp
add action=drop chain=virus comment=Progenic disabled=no dst-port=11223 \
protocol=tcp
add action=drop chain=virus comment=Prosiak disabled=no dst-port=22222 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=33333 protocol=tcp
add action=drop chain=virus comment="Psyber Stream Server" disabled=no \
dst-port=1170 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1509 protocol=tcp
add action=drop chain=virus disabled=no dst-port=4000 protocol=tcp
add action=drop chain=virus comment=Rasmin disabled=no dst-port=531 protocol=\
tcp
add action=drop chain=virus disabled=no dst-port=1045 protocol=tcp
add action=drop chain=virus comment=RAT disabled=no dst-port=1095 protocol=\
tcp
add action=drop chain=virus disabled=no dst-port=1097-1099 protocol=tcp
add action=drop chain=virus disabled=no dst-port=2989 protocol=tcp
add action=drop chain=virus comment=RC disabled=no dst-port=65535 protocol=\
tcp
add action=drop chain=virus comment=Rcon disabled=no dst-port=8989 protocol=\
tcp
add action=drop chain=virus comment="Remote Grab" disabled=no dst-port=7000 \
protocol=tcp
add action=drop chain=virus comment="Remote Windows Shutdown" disabled=no \
dst-port=53001 protocol=tcp
add action=drop chain=virus comment=Robo-Hack disabled=no dst-port=5596 \
protocol=tcp
add action=drop chain=virus comment="Satanz backDoor" disabled=no dst-port=\
666 protocol=tcp
add action=drop chain=virus comment=ScheduleAgent disabled=no dst-port=6667 \
protocol=tcp
add action=drop chain=virus comment="School Bus" disabled=no dst-port=54321 \
protocol=tcp
add action=drop chain=virus comment=Schwindler disabled=no dst-port=21554 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=50766 protocol=tcp
add action=drop chain=virus comment="Secret Agent " disabled=no dst-port=\
11223 protocol=tcp
add action=drop chain=virus comment="Secret Service" disabled=no dst-port=605 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=6272 protocol=tcp
add action=drop chain=virus comment="Senna Spy FTP Server" disabled=no \
dst-port=11000 protocol=tcp
add action=drop chain=virus disabled=no dst-port=13000 protocol=tcp
add action=drop chain=virus comment=ServeMe disabled=no dst-port=5555 \
protocol=tcp
add action=drop chain=virus comment="Shit Heep" disabled=no dst-port=6912 \
protocol=tcp
add action=drop chain=virus comment=ShockRave disabled=no dst-port=1981 \
protocol=tcp
add action=drop chain=virus comment=Sivka-Burka disabled=no dst-port=1600 \
protocol=tcp
add action=drop chain=virus comment="SK Silencer" disabled=no dst-port=1001 \
protocol=tcp
add action=drop chain=virus comment=Socket25 disabled=no dst-port=30303 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=50505 protocol=tcp
add action=drop chain=virus comment=SoftWAR disabled=no dst-port=1207 \
protocol=tcp
add action=drop chain=virus comment="Spirit 2001a " disabled=no dst-port=\
33911 protocol=tcp
add action=drop chain=virus comment=SpySender disabled=no dst-port=1807 \
protocol=tcp
add action=drop chain=virus comment="Streaming Audio trojan" disabled=no \
dst-port=1170 protocol=tcp
add action=drop chain=virus comment=Striker disabled=no dst-port=2565 \
protocol=tcp
add action=drop chain=virus comment=SubSeven disabled=no dst-port=1243 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=2773 protocol=tcp
add action=drop chain=virus disabled=no dst-port=6711-6713 protocol=tcp
add action=drop chain=virus disabled=no dst-port=6776 protocol=tcp
add action=drop chain=virus disabled=no dst-port=7215 protocol=tcp
add action=drop chain=virus disabled=no dst-port=27374 protocol=tcp
add action=drop chain=virus disabled=no dst-port=27573 protocol=tcp
add action=drop chain=virus disabled=no dst-port=54283 protocol=tcp
add action=drop chain=virus comment="SubSeven Apocalypse" disabled=no \
dst-port=1243 protocol=tcp
add action=drop chain=virus comment=Syphillis disabled=no dst-port=10086 \
protocol=tcp
add action=drop chain=virus comment="TCP Wrappers" disabled=no dst-port=421 \
protocol=tcp
add action=drop chain=virus comment=TeleCommando disabled=no dst-port=61466 \
protocol=tcp
add action=drop chain=virus comment="The Invasor" disabled=no dst-port=2140 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=3150 protocol=tcp
add action=drop chain=virus comment="The Prayer" disabled=no dst-port=2716 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=9999 protocol=tcp
add action=drop chain=virus comment="The Spy" disabled=no dst-port=40412 \
protocol=tcp
add action=drop chain=virus comment="The Thing" disabled=no dst-port=6000 \
protocol=tcp
add action=drop chain=virus comment="The Thing" disabled=no dst-port=6400 \
protocol=tcp
add action=drop chain=virus comment="The Traitor" disabled=no dst-port=65432 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=65432 protocol=udp
add action=drop chain=virus comment="The Trojan Cow" disabled=no dst-port=\
2001 protocol=tcp
add action=drop chain=virus comment="The Unexplained" disabled=no dst-port=\
29891 protocol=udp
add action=drop chain=virus comment="Tiny Telnet Server" disabled=no \
dst-port=34324 protocol=tcp
add action=drop chain=virus comment=TransScout disabled=no dst-port=1999-2005 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=9878 protocol=tcp
add action=drop chain=virus comment=Trinoo disabled=no dst-port=34555 \
protocol=udp
add action=drop chain=virus disabled=no dst-port=35555 protocol=udp
add action=drop chain=virus comment="Ugly FTP" disabled=no dst-port=23456 \
protocol=tcp
add action=drop chain=virus comment="Ultor's Trojan" disabled=no dst-port=\
1234 protocol=tcp
add action=drop chain=virus comment=Vampire disabled=no dst-port=1020 \
protocol=tcp
add action=drop chain=virus comment="Vampyre " disabled=no dst-port=6669 \
protocol=tcp
add action=drop chain=virus comment="Virtual Hacking Machine " disabled=no \
dst-port=4242 protocol=tcp
add action=drop chain=virus comment=Voice disabled=no dst-port=1170 protocol=\
tcp
add action=drop chain=virus disabled=no dst-port=4000 protocol=tcp
add action=drop chain=virus comment="Voodoo Doll" disabled=no dst-port=1245 \
protocol=tcp
add action=drop chain=virus comment="Wack-a-mole " disabled=no dst-port=\
12361-12362 protocol=tcp
add action=drop chain=virus comment="Web Ex" disabled=no dst-port=1001 \
protocol=tcp
add action=drop chain=virus comment=WhackJob disabled=no dst-port=12631 \
protocol=tcp
add action=drop chain=virus disabled=no dst-port=23456 protocol=tcp
add action=drop chain=virus comment=WinHole disabled=no dst-port=1080-1082 \
protocol=tcp
add action=drop chain=virus comment=Xplorer disabled=no dst-port=2300 \
protocol=tcp
add action=drop chain=virus comment=Xtcp disabled=no dst-port=5550 protocol=\
tcp
add action=drop chain=virus comment=YAT disabled=no dst-port=37651 protocol=\
tcp
»
- bitfrost's blog
- Login to post comments
- 6961 reads
Comentarios recientes
8 years 26 weeks ago
8 years 50 weeks ago
8 years 50 weeks ago
8 years 50 weeks ago
10 years 13 weeks ago
11 years 21 weeks ago
11 years 21 weeks ago
11 years 22 weeks ago
12 years 18 weeks ago
12 years 25 weeks ago