MK - The Perfect Firewall

As we know, there is no such thing as a perfect firewall, but the one described below plays an important role in a wireless network. This firewall follows the policy that everything directed at the MK (the MikroTik router) from the Internet is blocked.

Some comments:
0 = accepts access from the cache.
1-2 = block access from the network and the Internet directed at the Web-box.
1-61 = (blocking rules directed at the MK from the net); they are only there to show the connection attempts.
Rules 58, 59 and 60 indicate the only IPs that can access the MK from inside the network. The other rules protect the users.

/ip firewall filter
add action=accept chain=forward comment="FULL CACHE - ACCEPT PROXY CONNECTIONS" disabled=no protocol=tcp src-address=10.0.0.1
add action=drop chain=input comment="BLOCKS ACCESS TO THE MK FROM THE INTERNET" disabled=no dst-port=808 in-interface=Modem protocol=tcp
add action=drop chain=input comment="BLOCKS ACCESS TO THE MK FROM THE WIRELESS NETWORK" disabled=no dst-address=192.168.1.0/24 dst-port=808 in-interface=AP protocol=tcp
add action=log chain=input comment="(Log) Shows access attempts on certain ports" disabled=no dst-port=21 in-interface=Modem log-prefix="FIREWALL: FTP" protocol=tcp
add action=log chain=input comment="" disabled=no dst-port=22 in-interface=Modem log-prefix="FIREWALL: SSH" protocol=tcp
add action=log chain=input comment="" disabled=no dst-port=23 in-interface=Modem log-prefix="FIREWALL: TELNET" protocol=tcp
add action=log chain=input comment="" disabled=no dst-port=25 in-interface=Modem log-prefix="FIREWALL: SMTP" protocol=tcp
add action=log chain=input comment="" disabled=no dst-port=80 in-interface=Modem log-prefix="FIREWALL: HTTP" protocol=tcp
add action=log chain=input comment="" disabled=no dst-port=808 in-interface=Modem log-prefix="FIREWALL: WEB-BOX-MIKROTIK" protocol=tcp
add action=log chain=input comment="" disabled=no dst-port=8080 in-interface=Modem log-prefix="FIREWALL: HTTP-8080" protocol=tcp
add action=log chain=input comment="" disabled=no dst-port=110 in-interface=Modem log-prefix="FIREWALL: POP3" protocol=tcp
add action=log chain=input comment="" disabled=no dst-port=111 in-interface=Modem log-prefix="FIREWALL: RPC" protocol=udp
add action=log chain=input comment="" disabled=no dst-port=113 in-interface=Modem log-prefix="FIREWALL: IDENTD" protocol=tcp
add action=log chain=input comment="" disabled=no dst-port=137-139 in-interface=Modem log-prefix="FIREWALL: SAMBA-NETBIOS" protocol=tcp
add action=log chain=input comment="" disabled=no dst-port=137-139 in-interface=Modem log-prefix="FIREWALL: SAMBA-NETBIOS" protocol=udp
add action=log chain=input comment="" disabled=no dst-port=161-162 in-interface=Modem log-prefix="FIREWALL: SNMP" protocol=tcp
add action=log chain=input comment="" disabled=no dst-port=6667-6668 in-interface=Modem log-prefix="FIREWALL: IRC" protocol=tcp
add action=log chain=input comment="" disabled=no dst-port=3128 in-interface=Modem log-prefix="FIREWALL: SQUID" protocol=tcp
add action=log chain=input comment="" disabled=no dst-port=5678 in-interface=Modem log-prefix=FIREWALL:WINBOX protocol=udp
add action=log chain=input comment="" disabled=no dst-port=8291 in-interface=Modem log-prefix=FIREWALL:WINBOX protocol=tcp
add action=log chain=input comment="" disabled=no dst-port=20561 in-interface=Modem log-prefix=FIREWALL:WINBOX protocol=tcp
add action=accept chain=input comment="Accepts pings, limit of 5 packets per second." disabled=no icmp-options=8:0-255 limit=5,5 protocol=icmp
add action=drop chain=input comment="Blocks excess pings" disabled=no protocol=icmp
add action=drop chain=input comment="Detects and blocks port scan connections" disabled=no protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input comment="Port scanners - send to the list" disabled=no protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input comment="NMAP FIN Stealth scan" disabled=no protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input comment="SYN/FIN scan" disabled=no protocol=tcp tcp-flags=fin,syn
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input comment="SYN/RST scan" disabled=no protocol=tcp tcp-flags=syn,rst
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input comment="FIN/PSH/URG scan" disabled=no protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input comment="ALL/ALL scan" disabled=no protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg
add action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w chain=input comment="NMAP NULL scan" disabled=no protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
add action=drop chain=input comment="Blocks the IPs on the port scanner list" disabled=no src-address-list="port scanners"
add action=drop chain=input comment="Accepts only 10 incorrect FTP logins per minute" disabled=no dst-port=21 protocol=tcp src-address-list=ftp_blacklist
add action=accept chain=output comment="" content="530 Login incorrect" disabled=no dst-limit=1/1m,9,dst-address/1m protocol=tcp
add action=add-dst-to-address-list address-list=ftp_blacklist address-list-timeout=3h chain=output comment="" content="530 Login incorrect" disabled=no protocol=tcp
add action=drop chain=input comment="Blocks SSH brute force" disabled=no dst-port=22 protocol=tcp src-address-list=ssh_blacklist
add action=add-src-to-address-list address-list=ssh_blacklist address-list-timeout=1w3d chain=input comment="" connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_stage3 address-list-timeout=1d chain=input comment="" connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=10m chain=input comment="" connection-state=new disabled=no dst-port=22 protocol=tcp src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage1 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22 protocol=tcp
add action=drop chain=forward comment="Blocks SSH brute force downstream - users" disabled=no dst-port=22 protocol=tcp src-address-list=ssh_blacklist
add action=drop chain=input comment="Blocks Telnet brute force" disabled=no dst-port=23 protocol=tcp src-address-list=telnet_blacklist
add action=add-src-to-address-list address-list=telnet_blacklist address-list-timeout=1w3d chain=input comment="" connection-state=new disabled=no dst-port=23 protocol=tcp src-address-list=telnet_stage3
add action=add-src-to-address-list address-list=telnet_stage3 address-list-timeout=1d chain=input comment="" connection-state=new disabled=no dst-port=23 protocol=tcp src-address-list=telnet_stage2
add action=add-src-to-address-list address-list=telnet_stage2 address-list-timeout=10m chain=input comment="" connection-state=new disabled=no dst-port=23 protocol=tcp src-address-list=telnet_stage1
add action=add-src-to-address-list address-list=telnet_stage1 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=23 protocol=tcp
add action=drop chain=forward comment="Blocks Telnet brute force downstream - users" disabled=no dst-port=23 protocol=tcp src-address-list=telnet_blacklist
add action=tarpit chain=input comment="suppress DoS attack" connection-limit=3,32 disabled=no in-interface=Modem protocol=tcp src-address-list=black_list
add action=add-src-to-address-list address-list=black_list address-list-timeout=1d chain=input comment="Detects DoS attack" connection-limit=10,32 disabled=no in-interface=Modem protocol=tcp
add action=add-src-to-address-list address-list=blocked-addr address-list-timeout=1d chain=input comment="Blocks DoS attack" connection-limit=100,32 disabled=no in-interface=Modem protocol=tcp
add action=tarpit chain=input comment="" connection-limit=3,32 disabled=no protocol=tcp src-address-list=blocked-addr
add action=jump chain=forward comment="Protects against SYN flood" connection-state=new disabled=no jump-target=SYN-Protect protocol=tcp tcp-flags=syn
add action=accept chain=SYN-Protect comment="" connection-state=new disabled=no limit=400,5 protocol=tcp tcp-flags=syn
add action=drop chain=SYN-Protect comment="" connection-state=new disabled=no protocol=tcp tcp-flags=syn
add action=drop chain=input comment="Blocks invalid connections" connection-state=invalid disabled=no
add action=accept chain=input comment="Accepts established connections" connection-state=established disabled=no
add action=accept chain=input comment="Accepts UDP" disabled=no protocol=udp
add action=accept chain=input comment="Accepts ICMP" disabled=no protocol=icmp
add action=accept chain=input comment="Accepts access to the MK only from my PC" disabled=no src-address=10.0.0.0/23
add action=accept chain=input comment="Accepts access to the MK only from my other PC" disabled=no src-address=192.168.1.77
add action=accept chain=input comment="Accepts access to the MK only from my other PC" disabled=no src-address=192.168.1.78
add action=drop chain=input comment="Blocks everything else" disabled=no
add action=drop chain=forward comment="Blocks invalid connections" connection-state=invalid disabled=no protocol=tcp
add action=accept chain=forward comment="Accepts already established connections" connection-state=established disabled=no
add action=accept chain=forward comment="Accepts related connections" connection-state=related disabled=no
add action=drop chain=input comment="Block TELNET - just to check and make sure" disabled=no dst-port=23 protocol=tcp
add action=drop chain=forward comment="Blocks spammers and infected users" disabled=no dst-port=25 protocol=tcp src-address-list=spammer
add action=add-src-to-address-list address-list=spammer address-list-timeout=1d chain=forward comment="Detects virus or spammer and adds to the list (SMTP)" connection-limit=30,32 disabled=no dst-port=25 limit=50,5 protocol=tcp
add action=jump chain=forward comment="Checks whether it is a virus" disabled=no jump-target=virus
add action=drop chain=virus comment="Sockets des Troie" disabled=no dst-port=1 protocol=udp
add action=drop chain=virus comment=Death disabled=no dst-port=2 protocol=tcp
add action=drop chain=virus comment="Senna Spy FTP server" disabled=no dst-port=20 protocol=tcp
add action=drop chain=virus comment="Back Construction, Blade Runner, Cattivik FTP Server, CC Invader, Dark FTP, Doly Trojan, Fore, Invisible FTP, Juggernaut 42" disabled=no dst-port=21 protocol=tcp
add action=drop chain=virus comment=Shaft disabled=no dst-port=22 protocol=tcp
add action=drop chain=virus comment="Agent 40421" disabled=no dst-port=30 protocol=tcp
add action=drop chain=virus comment="Agent 31, Hackers Paradise, Masters Paradise" disabled=no dst-port=31 protocol=tcp
add action=drop chain=virus comment="Deep Throat, Foreplay" disabled=no dst-port=41 protocol=tcp
add action=drop chain=virus comment=DRAT disabled=no dst-port=48 protocol=tcp
add action=drop chain=virus comment=DRAT disabled=no dst-port=50 protocol=tcp
add action=drop chain=virus comment=DMSetup disabled=no dst-port=58 protocol=tcp
add action=drop chain=virus comment=DMSetup disabled=no dst-port=59 protocol=tcp
add action=drop chain=virus comment="CDK, Firehotcker" disabled=no dst-port=79 protocol=tcp
add action=drop chain=virus comment=RemoConChubo disabled=no dst-port=81 protocol=tcp
add action=drop chain=virus comment="Hidden Port, NCX" disabled=no dst-port=99 protocol=tcp
add action=drop chain=virus comment="ProMail trojan" disabled=no dst-port=110 protocol=tcp
add action=drop chain=virus comment="Invisible Identd Deamon, Kazimas" disabled=no dst-port=113 protocol=tcp
add action=drop chain=virus comment=Happy99 disabled=no dst-port=119 protocol=tcp
add action=drop chain=virus comment="Attack Bot, God Message, JammerKillah" disabled=no dst-port=121 protocol=tcp
add action=drop chain=virus comment="Net Controller" disabled=no dst-port=123 protocol=tcp
add action=drop chain=virus comment=Farnaz disabled=no dst-port=133 protocol=tcp
add action=drop chain=virus comment="Blaster worm" disabled=no dst-port=135-139 protocol=tcp
add action=drop chain=virus comment=NetTaxi disabled=no dst-port=142 protocol=tcp
add action=drop chain=virus comment=Infector disabled=no dst-port=146 protocol=tcp
add action=drop chain=virus comment=Infector disabled=no dst-port=146 protocol=udp
add action=drop chain=virus comment=A-trojan disabled=no dst-port=170 protocol=tcp
add action=drop chain=virus comment=Backage disabled=no dst-port=334 protocol=tcp
add action=drop chain=virus comment=Backage disabled=no dst-port=411 protocol=tcp
add action=drop chain=virus comment="Breach, Incognito" disabled=no dst-port=420 protocol=tcp
add action=drop chain=virus comment="TCP Wrappers trojan" disabled=no dst-port=421 protocol=tcp
add action=drop chain=virus comment="Hackers Paradise" disabled=no dst-port=456 protocol=tcp
add action=drop chain=virus comment=Grlogin disabled=no dst-port=513 protocol=tcp
add action=drop chain=virus comment="RPC Backdoor" disabled=no dst-port=514 protocol=tcp
add action=drop chain=virus comment="Net666, Rasmin" disabled=no dst-port=531 protocol=tcp
add action=drop chain=virus comment="711 trojan, Seven Eleven, Ini-Killer, Net Administrator, Phase Zero, Phase-0, Stealth Spy" disabled=no dst-port=555 protocol=tcp
add action=drop chain=virus comment="Secret Service" disabled=no dst-port=605 protocol=tcp
add action=drop chain=virus comment="Attack FTP, Back Construction, BLA trojan, Cain & Abel, NokNok, Satans Back Door SBD, ServU, Shadow Phyre, th3r1pp3rz Therippers" disabled=no dst-port=666 protocol=tcp
add action=drop chain=virus comment=SniperNet disabled=no dst-port=667 protocol=tcp
add action=drop chain=virus comment="DP trojan" disabled=no dst-port=669 protocol=tcp
add action=drop chain=virus comment=GayOL disabled=no dst-port=692 protocol=tcp
add action=drop chain=virus comment="AimSpy, Undetected" disabled=no dst-port=777 protocol=tcp
add action=drop chain=virus comment=WinHole disabled=no dst-port=808 protocol=tcp
add action=drop chain=virus comment="Dark Shadow" disabled=no dst-port=911 protocol=tcp
add action=drop chain=virus comment="Der Spaeher, Direct Connection" disabled=no dst-port=1000 protocol=tcp
add action=drop chain=virus comment="Der Spaeher, Le Guardien, Silencer, WebEx" disabled=no dst-port=1001 protocol=tcp
add action=drop chain=virus comment="Doly Trojan" disabled=no dst-port=1010-1016 protocol=tcp
add action=drop chain=virus comment=Vampire disabled=no dst-port=1020 protocol=tcp
add action=drop chain=virus comment="Jade, Latinus, NetSpy" disabled=no dst-port=1024 protocol=tcp
add action=drop chain=virus comment="Remote Storm" disabled=no dst-port=1025 protocol=tcp
add action=drop chain=virus comment="Remote Storm" disabled=no dst-port=1025 protocol=udp
add action=drop chain=virus comment=Multidropper disabled=no dst-port=1035 protocol=tcp
add action=drop chain=virus comment="BLA trojan" disabled=no dst-port=1042 protocol=tcp
add action=drop chain=virus comment=Rasmin disabled=no dst-port=1045 protocol=tcp
add action=drop chain=virus comment="sbin initd" disabled=no dst-port=1049 protocol=tcp
add action=drop chain=virus comment=MiniCommand disabled=no dst-port=1050 protocol=tcp
add action=drop chain=virus comment="The Thief" disabled=no dst-port=1053 protocol=tcp
add action=drop chain=virus comment=AckCmd disabled=no dst-port=1054 protocol=tcp
add action=drop chain=virus comment=WinHole disabled=no dst-port=1080-1083 protocol=tcp
add action=drop chain=virus comment=Xtreme disabled=no dst-port=1090 protocol=tcp
add action=drop chain=virus comment="Remote Administration Tool RAT" disabled=no dst-port=1095-1098 protocol=tcp
add action=drop chain=virus comment="Blood Fest Evolution, Remote Administration Tool RAT" disabled=no dst-port=1099 protocol=tcp
add action=drop chain=virus comment=Orion disabled=no dst-port=1150-1151 protocol=tcp
add action=drop chain=virus comment="Psyber Stream Server PSS, Streaming Audio Server, Voice" disabled=no dst-port=1170 protocol=tcp
add action=drop chain=virus comment=NoBackO disabled=no dst-port=1200-1201 protocol=udp
add action=drop chain=virus comment=SoftWAR disabled=no dst-port=1207 protocol=tcp
add action=drop chain=virus comment=Infector disabled=no dst-port=1208 protocol=tcp
add action=drop chain=virus comment=Kaos disabled=no dst-port=1212 protocol=tcp
add action=drop chain=virus comment="SubSeven Java client, Ultors Trojan" disabled=no dst-port=1234 protocol=tcp
add action=drop chain=virus comment="BackDoor-G, SubSeven, SubSeven Apocalypse, Tiles" disabled=no dst-port=1243 protocol=tcp
add action=drop chain=virus comment="VooDoo Doll" disabled=no dst-port=1245 protocol=tcp
add action=drop chain=virus comment=Scarab disabled=no dst-port=1255 protocol=tcp
add action=drop chain=virus comment="Project nEXT" disabled=no dst-port=1256 protocol=tcp
add action=drop chain=virus comment=Matrix disabled=no dst-port=1269 protocol=tcp
add action=drop chain=virus comment="The Matrix" disabled=no dst-port=1272 protocol=tcp
add action=drop chain=virus comment=NETrojan disabled=no dst-port=1313 protocol=tcp
add action=drop chain=virus comment="Millenium Worm" disabled=no dst-port=1338 protocol=tcp
add action=drop chain=virus comment="Bo dll" disabled=no dst-port=1349 protocol=tcp
add action=drop chain=virus comment="GoFriller, Backdoor G-1" disabled=no dst-port=1394 protocol=tcp
add action=drop chain=virus comment="Remote Storm" disabled=no dst-port=1441 protocol=tcp
add action=drop chain=virus comment=FTP99CMP disabled=no dst-port=1492 protocol=tcp
add action=drop chain=virus comment=Trinoo disabled=no dst-port=1524 protocol=tcp
add action=drop chain=virus comment="Remote Hack" disabled=no dst-port=1568 protocol=tcp
add action=drop chain=virus comment="Direct Connection, Shivka-Burka" disabled=no dst-port=1600 protocol=tcp
add action=drop chain=virus comment=Exploiter disabled=no dst-port=1703 protocol=tcp
add action=drop chain=virus comment=Scarab disabled=no dst-port=1777 protocol=tcp
add action=drop chain=virus comment=SpySender disabled=no dst-port=1807 protocol=tcp
add action=drop chain=virus comment="Fake FTP" disabled=no dst-port=1966 protocol=tcp
add action=drop chain=virus comment="WM FTP Server" disabled=no dst-port=1967 protocol=tcp
add action=drop chain=virus comment="OpC BO" disabled=no dst-port=1969 protocol=tcp
add action=drop chain=virus comment="Bowl, Shockrave" disabled=no dst-port=1981 protocol=tcp
add action=drop chain=virus comment="Back Door, SubSeven, TransScout" disabled=no dst-port=1999 protocol=tcp
add action=drop chain=virus comment="Der Spaeher, Insane Network, Last 2000, Remote Explorer 2000, Senna Spy Trojan Generator" disabled=no dst-port=2000 protocol=tcp
add action=drop chain=virus comment="Der Spaeher, Trojan Cow" disabled=no dst-port=2001 protocol=tcp
add action=drop chain=virus comment="Ripper Pro" disabled=no dst-port=2023 protocol=tcp
add action=drop chain=virus comment=WinHole disabled=no dst-port=2080 protocol=tcp
add action=drop chain=virus comment=Bugs disabled=no dst-port=2115 protocol=tcp
add action=drop chain=virus comment="Mini Backlash" disabled=no dst-port=2130 protocol=udp
add action=drop chain=virus comment="The Invasor" disabled=no dst-port=2140 protocol=tcp
add action=drop chain=virus comment="Deep Throat, Foreplay" disabled=no dst-port=2140 protocol=udp
add action=drop chain=virus comment="Illusion Mailer" disabled=no dst-port=2155 protocol=tcp
add action=drop chain=virus comment=Nirvana disabled=no dst-port=2255 protocol=tcp
add action=drop chain=virus comment="Hvl RAT" disabled=no dst-port=2283 protocol=tcp
add action=drop chain=virus comment=Xplorer disabled=no dst-port=2300 protocol=tcp
add action=drop chain=virus comment="Studio 54" disabled=no dst-port=2311 protocol=tcp
add action=drop chain=virus comment=Contact disabled=no dst-port=2330-2339 protocol=tcp
add action=drop chain=virus comment="Voice Spy" disabled=no dst-port=2339 protocol=udp
add action=drop chain=virus comment="Doly Trojan" disabled=no dst-port=2345 protocol=tcp
add action=drop chain=virus comment="Striker trojan" disabled=no dst-port=2565 protocol=tcp
add action=drop chain=virus comment=WinCrash disabled=no dst-port=2583 protocol=tcp
add action=drop chain=virus comment="Digital RootBeer" disabled=no dst-port=2600 protocol=tcp
add action=drop chain=virus comment="The Prayer" disabled=no dst-port=2716 protocol=tcp
add action=drop chain=virus comment="SubSeven, SubSeven 2.1 Gold" disabled=no dst-port=2773-2774 protocol=tcp
add action=drop chain=virus comment="Phineas Phucker" disabled=no dst-port=2801 protocol=tcp
add action=drop chain=virus comment="Remote Administration Tool RAT" disabled=no dst-port=2989 protocol=udp
add action=drop chain=virus comment="Remote Shut" disabled=no dst-port=3000 protocol=tcp
add action=drop chain=virus comment=WinCrash disabled=no dst-port=3024 protocol=tcp
add action=drop chain=virus comment=Microspy disabled=no dst-port=3031 protocol=tcp
add action=drop chain=virus comment="Masters Paradise" disabled=no dst-port=3129 protocol=tcp
add action=drop chain=virus comment="The Invasor" disabled=no dst-port=3150 protocol=tcp
add action=drop chain=virus comment="Deep Throat, Foreplay, Mini Backlash" disabled=no dst-port=3150 protocol=udp
add action=drop chain=virus comment="Terror trojan" disabled=no dst-port=3456 protocol=tcp
add action=drop chain=virus comment="Eclipse 2000, Sanctuary" disabled=no dst-port=3459 protocol=tcp
add action=drop chain=virus comment="Portal of Doom" disabled=no dst-port=3700 protocol=tcp
add action=drop chain=virus comment=PsychWard disabled=no dst-port=3777 protocol=tcp
add action=drop chain=virus comment="Total Solar Eclypse" disabled=no dst-port=3791-3801 protocol=tcp
add action=drop chain=virus comment=SkyDance disabled=no dst-port=4000 protocol=tcp
add action=drop chain=virus comment=WinCrash disabled=no dst-port=4092 protocol=tcp
add action=drop chain=virus comment="Virtual Hacking Machine VHM" disabled=no dst-port=4242 protocol=tcp
add action=drop chain=virus comment=BoBo disabled=no dst-port=4321 protocol=tcp
add action=drop chain=virus comment="Prosiak, Swift Remote" disabled=no dst-port=4444 protocol=tcp
add action=drop chain=virus comment="File Nail" disabled=no dst-port=4567 protocol=tcp
add action=drop chain=virus comment="ICQ Trojan" disabled=no dst-port=4590 protocol=tcp
add action=drop chain=virus comment="ICQ Trogen Lm" disabled=no dst-port=4950 protocol=tcp
add action=drop chain=virus comment="Back Door Setup, Blazer5, Bubbel, ICKiller, Ra1d, Sockets des Troie" disabled=no dst-port=5000 protocol=tcp
add action=drop chain=virus comment="Back Door Setup, Sockets des Troie" disabled=no dst-port=5001 protocol=tcp
add action=drop chain=virus comment="cd00r, Shaft" disabled=no dst-port=5002 protocol=tcp
add action=drop chain=virus comment=Solo disabled=no dst-port=5010 protocol=tcp
add action=drop chain=virus comment="One of the Last Trojans OOTLT, One of the Last Trojans OOTLT, modified" disabled=no dst-port=5011 protocol=tcp
add action=drop chain=virus comment="WM Remote KeyLogger" disabled=no dst-port=5025 protocol=tcp
add action=drop chain=virus comment="Net Metropolitan" disabled=no dst-port=5031-5032 protocol=tcp
add action=drop chain=virus comment=Firehotcker disabled=no dst-port=5321 protocol=tcp
add action=drop chain=virus comment="Backage, NetDemon" disabled=no dst-port=5333 protocol=tcp
add action=drop chain=virus comment="wCrat WC Remote Administration Tool" disabled=no dst-port=5343 protocol=tcp
add action=drop chain=virus comment="Back Construction, Blade Runner" disabled=no dst-port=5400-5402 protocol=tcp
add action=drop chain=virus comment="Illusion Mailer" disabled=no dst-port=5512 protocol=tcp
add action=drop chain=virus comment="The Flu" disabled=no dst-port=5534 protocol=tcp
add action=drop chain=virus comment=Xtcp disabled=no dst-port=5550 protocol=tcp
add action=drop chain=virus comment=ServeMe disabled=no dst-port=5555 protocol=tcp
add action=drop chain=virus comment="BO Facil" disabled=no dst-port=5556-5557 protocol=tcp
add action=drop chain=virus comment=Robo-Hack disabled=no dst-port=5569 protocol=tcp
add action=drop chain=virus comment="PC Crasher" disabled=no dst-port=5637-5638 protocol=tcp
add action=drop chain=virus comment=WinCrash disabled=no dst-port=5742 protocol=tcp
add action=drop chain=virus comment="Portmap Remote Root Linux Exploit" disabled=no dst-port=5760 protocol=tcp
add action=drop chain=virus comment="Y3K RAT" disabled=no dst-port=5880-5889 protocol=tcp
add action=drop chain=virus comment="The Thing" disabled=no dst-port=6000 protocol=tcp
add action=drop chain=virus comment="Bad Blood" disabled=no dst-port=6006 protocol=tcp
add action=drop chain=virus comment="Secret Service" disabled=no dst-port=6272 protocol=tcp
add action=drop chain=virus comment="The Thing" disabled=no dst-port=6400 protocol=tcp
add action=drop chain=virus comment="TEMan, Weia-Meia" disabled=no dst-port=6661 protocol=tcp
add action=drop chain=virus comment="Dark Connection Inside, NetBus worm" disabled=no dst-port=6666 protocol=tcp
add action=drop chain=virus comment="Dark FTP, ScheduleAgent, SubSeven, Subseven 2.1.4 DefCon 8, Trinity, WinSatan" disabled=no dst-port=6667 protocol=tcp
add action=drop chain=virus comment="Host Control, Vampire" disabled=no dst-port=6669 protocol=tcp
add action=drop chain=virus comment="BackWeb Server, Deep Throat, Foreplay, WinNuke eXtreame" disabled=no dst-port=6670 protocol=tcp
add action=drop chain=virus comment="BackDoor-G, SubSeven, VP Killer" disabled=no dst-port=6711 protocol=tcp
add action=drop chain=virus comment="Funny trojan, SubSeven" disabled=no dst-port=6712 protocol=tcp
add action=drop chain=virus comment=SubSeven disabled=no dst-port=6713 protocol=tcp
add action=drop chain=virus comment=Mstream disabled=no dst-port=6723 protocol=tcp
add action=drop chain=virus comment="Deep Throat, Foreplay" disabled=no dst-port=6771 protocol=tcp
add action=drop chain=virus comment="2000 Cracks, BackDoor-G, SubSeven, VP Killer" disabled=no dst-port=6776 protocol=tcp
add action=drop chain=virus comment=Mstream disabled=no dst-port=6838 protocol=udp
add action=drop chain=virus comment="Delta Source DarkStar" disabled=no dst-port=6883 protocol=tcp
add action=drop chain=virus comment="Shit Heep" disabled=no dst-port=6912 protocol=tcp
add action=drop chain=virus comment=Indoctrination disabled=no dst-port=6939 protocol=tcp
add action=drop chain=virus comment="GateCrasher, IRC 3, Net Controller, Priority" disabled=no dst-port=6969-6970 protocol=tcp
add action=drop chain=virus comment="Exploit Translation Server, Kazimas, Remote Grab, SubSeven, SubSeven 2.1 Gold" disabled=no dst-port=7000 protocol=tcp
add action=drop chain=virus comment="Freak88, Freak2k" disabled=no dst-port=7001 protocol=tcp
add action=drop chain=virus comment="SubSeven, SubSeven 2.1 Gold" disabled=no dst-port=7215 protocol=tcp
add action=drop chain=virus comment=NetMonitor disabled=no dst-port=7300-7308 protocol=tcp
add action=drop chain=virus comment="Host Control" disabled=no dst-port=7424 protocol=tcp
add action=drop chain=virus comment="Host Control" disabled=no dst-port=7424 protocol=udp
add action=drop chain=virus comment=Qaz disabled=no dst-port=7597 protocol=tcp
add action=drop chain=virus comment=Glacier disabled=no dst-port=7626 protocol=tcp
add action=drop chain=virus comment="God Message, Tini" disabled=no dst-port=7777 protocol=tcp
add action=drop chain=virus comment="Back Door Setup, ICKiller" disabled=no dst-port=7789 protocol=tcp
add action=drop chain=virus comment="The ReVeNgEr" disabled=no dst-port=7891 protocol=tcp
add action=drop chain=virus comment=Mstream disabled=no dst-port=7983 protocol=tcp
add action=drop chain=virus comment="Back Orifice 2000" disabled=no dst-port=8787 protocol=tcp
add action=drop chain=virus comment=BacHack disabled=no dst-port=8988 protocol=tcp
add action=drop chain=virus comment="Rcon, Recon, Xcon" disabled=no dst-port=8989 protocol=tcp
add action=drop chain=virus comment=Netministrator disabled=no dst-port=9000 protocol=tcp
add action=drop chain=virus comment=Mstream disabled=no dst-port=9325 protocol=udp
add action=drop chain=virus comment=InCommand disabled=no dst-port=9400 protocol=tcp
add action=drop chain=virus comment="Portal of Doom" disabled=no dst-port=9872-9875 protocol=tcp
add action=drop chain=virus comment="Cyber Attacker, Rux" disabled=no dst-port=9876 protocol=tcp
add action=drop chain=virus comment=TransScout disabled=no dst-port=9878 protocol=tcp
add action=drop chain=virus comment=Ini-Killer disabled=no dst-port=9989 protocol=tcp
add action=drop chain=virus comment="The Prayer" disabled=no dst-port=9999 protocol=tcp
add action=drop chain=virus comment=OpwinTRojan disabled=no dst-port=10000-10005 protocol=tcp
add action=drop chain=virus comment="Portal of Doom" disabled=no dst-port=10067 protocol=udp
add action=drop chain=virus comment=Syphillis disabled=no dst-port=10085-10086 protocol=tcp
add action=drop chain=virus comment="Control Total, Gift trojan" disabled=no dst-port=10100 protocol=tcp
add action=drop chain=virus comment="BrainSpy, Silencer" disabled=no dst-port=10101 protocol=tcp
add action=drop chain=virus comment="Portal of Doom" disabled=no dst-port=10167 protocol=udp
add action=drop chain=virus comment="Acid Shivers" disabled=no dst-port=10520 protocol=tcp
add action=drop chain=virus comment="Host Control" disabled=no dst-port=10528 protocol=tcp
add action=drop chain=virus comment=Coma disabled=no dst-port=10607 protocol=tcp
add action=drop chain=virus comment=Ambush disabled=no dst-port=10666 protocol=udp
add action=drop chain=virus comment="Senna Spy Trojan Generator" disabled=no dst-port=11000 protocol=tcp
add action=drop chain=virus comment="Host Control" disabled=no dst-port=11050-11051 protocol=tcp
add action=drop chain=virus comment="Progenic trojan, Secret Agent" disabled=no dst-port=11223 protocol=tcp
add action=drop chain=virus comment=Gjamer disabled=no dst-port=12076 protocol=tcp
add action=drop chain=virus comment="Hack99 KeyLogger" disabled=no dst-port=12223 protocol=tcp
add action=drop chain=virus comment="Ashley, cron crontab, Fat Bitch trojan, GabanBus, icmp_client.c, icmp_pipe.c, Mypic, NetBus, NetBus Toy, NetBus worm" disabled=no dst-port=12345 protocol=tcp
add action=drop chain=virus comment="Fat Bitch trojan, GabanBus, NetBus, X-bill" disabled=no dst-port=12346 protocol=tcp
add action=drop chain=virus comment=BioNet disabled=no dst-port=12349 protocol=tcp
add action=drop chain=virus comment=Whack-a-mole disabled=no dst-port=12361-12363 protocol=tcp
add action=drop chain=virus comment="DUN Control" disabled=no dst-port=12623 protocol=udp
add action=drop chain=virus comment=ButtMan disabled=no dst-port=12624 protocol=tcp
add action=drop chain=virus comment="Whack Job" disabled=no dst-port=12631 protocol=tcp
add action=drop chain=virus comment=Mstream disabled=no dst-port=12754 protocol=tcp
add action=drop chain=virus comment="Senna Spy Trojan Generator, Senna Spy Trojan Generator" disabled=no dst-port=13000 protocol=tcp
add action=drop chain=virus comment="Hacker Brasil HBR" disabled=no dst-port=13010 protocol=tcp
add action=drop chain=virus comment=PsychWard disabled=no dst-port=13013-13014 protocol=tcp
add action=drop chain=virus comment="Hack99 KeyLogger" disabled=no dst-port=13223 protocol=tcp
add action=drop chain=virus comment=Chupacabra disabled=no dst-port=13473 protocol=tcp
add action=drop chain=virus comment="PC Invader" disabled=no dst-port=14500-14503 protocol=tcp
add action=drop chain=virus comment=NetDemon disabled=no dst-port=15000 protocol=tcp
add action=drop chain=virus comment="Host Control" disabled=no dst-port=15092 protocol=tcp
add action=drop chain=virus comment=Mstream disabled=no dst-port=15104 protocol=tcp
add action=drop chain=virus comment=SubZero disabled=no dst-port=15382 protocol=tcp
add action=drop chain=virus comment=CDK disabled=no dst-port=15858 protocol=tcp
add action=drop chain=virus comment=Mosucker disabled=no dst-port=16484 protocol=tcp
add action=drop chain=virus comment=Stacheldraht disabled=no dst-port=16660 protocol=tcp
add action=drop chain=virus comment="ICQ Revenge" disabled=no dst-port=16772 protocol=tcp
add action=drop chain=virus comment="SubSeven, Subseven 2.1.4 DefCon 8" disabled=no dst-port=16959 protocol=tcp
add action=drop chain=virus comment=Priority disabled=no dst-port=16969 protocol=tcp
add action=drop chain=virus comment=Mosaic disabled=no dst-port=17166 protocol=tcp
add action=drop chain=virus comment="Kuang2 the virus" disabled=no dst-port=17300 protocol=tcp
add action=drop chain=virus comment=CrazzyNet disabled=no dst-port=17499-17500 protocol=tcp
add action=drop chain=virus comment=Infector disabled=no dst-port=17569 protocol=tcp
add action=drop chain=virus comment=Audiodoor disabled=no dst-port=17593 protocol=tcp
add action=drop chain=virus comment=Nephron disabled=no dst-port=17777 protocol=tcp
add action=drop chain=virus comment=Shaft disabled=no dst-port=18753 protocol=udp
add action=drop chain=virus comment="ICQ Revenge" disabled=no dst-port=19864 protocol=tcp
add action=drop chain=virus comment=Millenium disabled=no dst-port=20000 protocol=tcp
add action=drop chain=virus comment="Millenium, Millenium Lm" disabled=no dst-port=20001 protocol=tcp
add action=drop chain=virus comment=AcidkoR disabled=no dst-port=20002 protocol=tcp
add action=drop chain=virus comment=Mosucker disabled=no dst-port=20005 protocol=tcp
add action=drop chain=virus comment="VP Killer" disabled=no dst-port=20023 protocol=tcp
add action=drop chain=virus comment="NetBus 2.0 Pro, NetBus 2.0 Pro Hidden, NetRex, Whack Job" disabled=no dst-port=20034 protocol=tcp
add action=drop chain=virus comment=Chupacabra disabled=no dst-port=20203 protocol=tcp
add action=drop chain=virus comment="BLA trojan" disabled=no dst-port=20331 protocol=tcp
add action=drop chain=virus comment=Shaft disabled=no dst-port=20432 protocol=tcp
add action=drop chain=virus comment=Shaft disabled=no dst-port=20433 protocol=udp
add action=drop chain=virus comment="GirlFriend, Kid Terror" disabled=no dst-port=21544 protocol=tcp
add action=drop chain=virus comment="Exploiter, Kid Terror, Schwindler, Winsp00fer" disabled=no dst-port=21554 protocol=tcp
add action=drop chain=virus comment="Donald Dick, Prosiak, Ruler, RUX The TIc.K" disabled=no dst-port=22222 protocol=tcp
add action=drop chain=virus comment=NetTrash disabled=no dst-port=23005-23006 protocol=tcp
add action=drop chain=virus comment=Logged disabled=no dst-port=23023 protocol=tcp
add action=drop chain=virus comment=Amanda disabled=no dst-port=23032 protocol=tcp
add action=drop chain=virus comment=Asylum disabled=no dst-port=23432 protocol=tcp
add action=drop chain=virus comment="Evil FTP, Ugly FTP, Whack Job" disabled=no dst-port=23456 protocol=tcp
add action=drop chain=virus comment="Donald Dick" disabled=no dst-port=23476 protocol=tcp
add action=drop chain=virus comment="Donald Dick" disabled=no dst-port=23476 protocol=udp
add action=drop chain=virus comment="Donald Dick" disabled=no dst-port=23477 protocol=tcp
add action=drop chain=virus comment=InetSpy disabled=no dst-port=23777 protocol=tcp
add action=drop chain=virus comment=Infector disabled=no dst-port=24000 protocol=tcp
add action=drop chain=virus comment=Moonpie disabled=no dst-port=25685-25982 protocol=tcp
add action=drop chain=virus comment="Delta Source" disabled=no dst-port=26274 protocol=udp
add action=drop chain=virus comment="Voice Spy" disabled=no dst-port=26681 protocol=tcp
add action=drop chain=virus comment="Bad Blood, Ramen, Seeker, SubSeven, SubSeven 2.1 Gold, Subseven 2.1.4 DefCon 8, SubSeven Muie, Ttfloader" disabled=no dst-port=27374 protocol=tcp
add action=drop chain=virus comment=Trinoo disabled=no dst-port=27444 protocol=udp
add action=drop chain=virus comment=SubSeven disabled=no dst-port=27573 protocol=tcp
add action=drop chain=virus comment=Trinoo disabled=no dst-port=27665 protocol=tcp
add action=drop chain=virus comment=NetTrojan disabled=no dst-port=29104 protocol=tcp
add action=drop chain=virus comment=ovasOn disabled=no dst-port=29369 protocol=tcp
add action=drop chain=virus comment="The Unexplained" disabled=no dst-port=29891 protocol=tcp
add action=drop chain=virus comment=Infector disabled=no dst-port=30000 protocol=tcp
add action=drop chain=virus comment=ErrOr32 disabled=no dst-port=30001 protocol=tcp
add action=drop chain=virus comment="Lamers Death" disabled=no dst-port=30003 protocol=tcp
add action=drop chain=virus comment="AOL trojan" disabled=no dst-port=30029 protocol=tcp
add action=drop
chain=virus comment=NetSphere disabled=no dst-port=30100-30133 p rotocol=tcp add action=drop chain=virus comment=NetSphere disabled=no dst-port=30103 protoco l=udp add action=drop chain=virus comment="Sockets des Troie" disabled=no dst-port=303 03 protocol=tcp add action=drop chain=virus comment=Intruse disabled=no dst-port=30947 protocol= tcp add action=drop chain=virus comment=Kuang2 disabled=no dst-port=30999 protocol=t cp add action=drop chain=virus comment=Trinoo disabled=no dst-port=31335 protocol=t cp add action=drop chain=virus comment="Bo Whack, Butt Funnel" disabled=no dst-port =31336 protocol=tcp add action=drop chain=virus comment="Back Fire, Back Orifice 1.20 patches, Back Orifice Lm, Back Orifice russian, Baron Night, Beeone, BO client, BO Facil, BO s py" disabled=no dst-port=31337 protocol=tcp add action=drop chain=virus comment="Back Orifice, Deep BO" disabled=no dst-port =31337 protocol=udp add action=drop chain=virus comment="Back Orifice, Butt Funnel, NetSpy DK" disab led=no dst-port=31338 protocol=tcp add action=drop chain=virus comment="Deep BO" disabled=no dst-port=31338 protoco l=udp add action=drop chain=virus comment="NetSpy DK" disabled=no dst-port=31339 proto col=tcp add action=drop chain=virus comment=BOWhack disabled=no dst-port=31666 protocol= tcp add action=drop chain=virus comment="Hack a Tack" disabled=no dst-port=31785-317 92 protocol=tcp add action=drop chain=virus comment="Hack a Tack" disabled=no dst-port=31791-317 92 protocol=udp add action=drop chain=virus comment="Donald Dick" disabled=no dst-port=32001 pro tocol=tcp add action=drop chain=virus comment="Peanut Brittle, Project nEXT" disabled=no d st-port=32100 protocol=tcp add action=drop chain=virus comment="Acid Battery" disabled=no dst-port=32418 pr otocol=tcp add action=drop chain=virus comment=Trinity disabled=no dst-port=33270 protocol= tcp add action=drop chain=virus comment="Blakharaz, Prosiak" disabled=no dst-port=33 333 protocol=tcp add action=drop chain=virus 
comment="Son of PsychWard" disabled=no dst-port=3357 7-33777 protocol=tcp add action=drop chain=virus comment="Spirit 2000, Spirit 2001" disabled=no dst-p ort=33911 protocol=tcp add action=drop chain=virus comment="Big Gluck, TN" disabled=no dst-port=34324 p rotocol=tcp add action=drop chain=virus comment="Donald Dick" disabled=no dst-port=34444 pro tocol=tcp add action=drop chain=virus comment="Trinoo for Windows" disabled=no dst-port=34 555-35555 protocol=udpadd action=drop chain=virus comment=Mantis disabled=no dst-port=37237 protocol=t cp add action=drop chain=virus comment="Yet Another Trojan YAT" disabled=no dst-por t=37651 protocol=tcp add action=drop chain=virus comment="The Spy" disabled=no dst-port=40412 protoco l=tcp add action=drop chain=virus comment="Agent 40421, Masters Paradise" disabled=no dst-port=40421 protocol=tcp add action=drop chain=virus comment="Masters Paradise" disabled=no dst-port=4042 2-40426 protocol=tcp add action=drop chain=virus comment=Storm disabled=no dst-port=41337 protocol=tc p add action=drop chain=virus comment="Remote Boot Tool RBT, Remote Boot Tool RBT" disabled=no dst-port=41666 protocol=tcp add action=drop chain=virus comment=Prosiak disabled=no dst-port=44444 protocol= tcp add action=drop chain=virus comment=Exploiter disabled=no dst-port=44575 protoco l=tcp add action=drop chain=virus comment="Delta Source" disabled=no dst-port=47262 pr otocol=udp add action=drop chain=virus comment="OnLine KeyLogger" disabled=no dst-port=4930 1 protocol=tcp add action=drop chain=virus comment=Enterprise disabled=no dst-port=50130 protoc ol=tcp add action=drop chain=virus comment="Sockets des Troie" disabled=no dst-port=505 05 protocol=tcp add action=drop chain=virus comment="Fore, Schwindler" disabled=no dst-port=5076 6 protocol=tcp add action=drop chain=virus comment=Cafeini disabled=no dst-port=51966 protocol= tcp add action=drop chain=virus comment="Acid Battery 2000" disabled=no dst-port=523 17 protocol=tcp add action=drop 
chain=virus comment="Remote Windows Shutdown RWS" disabled=no ds t-port=53001 protocol=tcp add action=drop chain=virus comment="SubSeven, SubSeven 2.1 Gold" disabled=no ds t-port=54283 protocol=tcp add action=drop chain=virus comment="Back Orifice 2000" disabled=no dst-port=543 20 protocol=tcp add action=drop chain=virus comment="Back Orifice 2000, School Bus" disabled=no dst-port=54321 protocol=tcp add action=drop chain=virus comment="File Manager trojan, File Manager trojan, W M Trojan Generator" disabled=no dst-port=55165 protocol=tcp add action=drop chain=virus comment="WM Trojan Generator" disabled=no dst-port=5 5166 protocol=tcp add action=drop chain=virus comment=NetRaider disabled=no dst-port=57341 protoco l=tcp add action=drop chain=virus comment="Butt Funnel" disabled=no dst-port=58339 pro tocol=tcp add action=drop chain=virus comment="Deep Throat, Foreplay, Sockets des Troie" d isabled=no dst-port=60000 protocol=tcp add action=drop chain=virus comment=Trinity disabled=no dst-port=60001 protocol= tcp add action=drop chain=virus comment="Xzip 6000068" disabled=no dst-port=60068 pr otocol=tcp add action=drop chain=virus comment=Connection disabled=no dst-port=60411 protoc ol=tcp add action=drop chain=virus comment=Bunker-Hill disabled=no dst-port=61348 proto col=tcp add action=drop chain=virus comment=TeleCommando disabled=no dst-port=61466 prot ocol=tcpadd action=drop chain=virus comment=Bunker-Hill disabled=no dst-port=61603 proto col=tcp add action=drop chain=virus comment=Bunker-Hill disabled=no dst-port=63485 proto col=tcp add action=drop chain=virus comment=Taskman disabled=no dst-port=64101 protocol= tcp add action=drop chain=virus comment="Devil, Sockets des Troie, Stacheldraht" dis abled=no dst-port=65000 protocol=tcp add action=drop chain=virus comment=Eclypse disabled=no dst-port=65390 protocol= tcp add action=drop chain=virus comment=Jade disabled=no dst-port=65421 protocol=tcp add action=drop chain=virus comment="The Traitor th3tr41t0r" 
disabled=no dst-por t=65432 protocol=tcp add action=drop chain=virus comment="The Traitor th3tr41t0r" disabled=no dst-por t=65432 protocol=udp add action=drop chain=virus comment="sbin initd" disabled=no dst-port=65534 prot ocol=tcp add action=drop chain=virus comment="RC1 trojan" disabled=no dst-port=65535 prot ocol=tcp add action=drop chain=virus comment="Drop Messenger Worm" disabled=no dst-port=1 35-139 protocol=udp add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=445 protocol=tcp add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=445 protocol=udp add action=drop chain=virus comment=________ disabled=no dst-port=1024-1030 prot ocol=tcp add action=drop chain=virus comment="Drop MyDoom" disabled=no dst-port=1080 prot ocol=tcp add action=drop chain=virus comment=________ disabled=no dst-port=1214 protocol= tcp add action=drop chain=virus comment="ndm requester" disabled=no dst-port=1363 pr otocol=tcp add action=drop chain=virus comment="ndm server" disabled=no dst-port=1364 proto col=tcp add action=drop chain=virus comment="screen cast" disabled=no dst-port=1368 prot ocol=tcp add action=drop chain=virus comment=hromgrafx disabled=no dst-port=1373 protocol =tcp add action=drop chain=virus comment=cichlid disabled=no dst-port=1377 protocol=t cp add action=drop chain=virus comment=Worm disabled=no dst-port=1433-1434 protocol =tcp add action=drop chain=virus comment="Bagle Virus" disabled=no dst-port=2745 prot ocol=tcp add action=drop chain=virus comment="Drop Dumaru.Y" disabled=no dst-port=2283 pr otocol=tcp add action=drop chain=virus comment="Drop Beagle" disabled=no dst-port=2535 prot ocol=tcp add action=drop chain=virus comment="Drop Beagle.C-K" disabled=no dst-port=2745 protocol=tcp add action=drop chain=virus comment="Drop MyDoom" disabled=yes dst-port=3127-312 8 protocol=tcp add action=drop chain=virus comment="Drop Backdoor OptixPro" disabled=no dst-por t=3410 protocol=tcp add action=drop chain=virus 
comment=Worm disabled=no dst-port=4444 protocol=udp add action=drop chain=virus comment="Drop Sasser" disabled=no dst-port=5554 prot ocol=tcp add action=drop chain=virus comment="Drop Beagle.B" disabled=no dst-port=8866 pr otocol=tcpadd action=drop chain=virus comment="Drop Dabber.A-B" disabled=no dst-port=9898 protocol=tcp add action=drop chain=virus comment="Drop MyDoom.B" disabled=no dst-port=10080 p rotocol=tcp add action=drop chain=virus comment="Drop PhatBot, Agobot, Gaobot" disabled=no d st-port=65506 protocol=tcp add action=jump chain=forward comment="Redireciona - Deleta virus Conhecidos" di sabled=no jump-target=known_viruses add action=jump chain=forward comment="Redireciona-Pessoas M\E1s" disabled=no ju mp-target=bad_people add action=drop chain=known_viruses comment="msblast worm" disabled=no dst-port= 593 protocol=tcp add action=drop chain=known_viruses comment="SoBig.f worm" disabled=no dst-port= 995-999 protocol=tcp add action=drop chain=known_viruses comment="SoBig.f worm" disabled=no dst-port= 8998 protocol=tcp add action=drop chain=known_viruses comment="beagle worm" disabled=no dst-port=4 751 protocol=tcp add action=drop chain=bad_people comment="Known Spammer" disabled=no src-address =81.180.98.3 add action=drop chain=bad_people comment="Known Spammer" disabled=no src-address =24.73.97.226 add action=drop chain=bad_people comment="http://isc.incidents.org/top10.html li sted" disabled=no src-address=211.144.112.16 add action=drop chain=bad_people comment="" disabled=no src-address=218.104.138. 166 add action=drop chain=bad_people comment="" disabled=no src-address=212.3.250.19 4 add action=drop chain=bad_people comment="" disabled=no src-address=203.94.243.1 91 add action=drop chain=bad_people comment="" disabled=no src-address=202.101.235. 
100 add action=drop chain=bad_people comment="" disabled=no src-address=58.16.228.42 add action=drop chain=bad_people comment="" disabled=no src-address=58.248.8.2 add action=drop chain=bad_people comment="" disabled=no src-address=202.99.11.99 add action=drop chain=bad_people comment="" disabled=no src-address=218.52.237.2 19 add action=drop chain=bad_people comment="" disabled=no src-address=222.173.101. 157 add action=drop chain=bad_people comment="" disabled=no src-address=58.242.34.23 5 add action=drop chain=bad_people comment="" disabled=no src-address=222.80.184.2 3 add action=jump chain=forward comment="Redireciona Tcp" disabled=no jump-target= tcp protocol=tcp add action=jump chain=forward comment="Redireciona Udp" disabled=no jump-target= udp protocol=udp add action=jump chain=forward comment="Redireciona Icmp" disabled=no jump-target =icmp protocol=icmp add action=drop chain=tcp comment="Mikrotik bloqueia tcp satan traffic =>deny TF TP" disabled=no dst-port=69 protocol=tcp add action=drop chain=tcp comment="=> deny RPC portmapper" disabled=no dst-port= 111 protocol=tcp add action=drop chain=tcp comment="=> deny RPC portmapper" disabled=no dst-port= 135 protocol=tcp add action=drop chain=tcp comment="=> deny NBT" disabled=no dst-port=137-139 pro tocol=tcp add action=drop chain=tcp comment="=> deny NFS" disabled=no dst-port=2049 protoc ol=tcp add action=drop chain=tcp comment="=> deny NetBus" disabled=no dst-port=12345-12346 protocol=tcp add action=drop chain=tcp comment="=> deny BackOriffice" disabled=no dst-port=31 33 protocol=tcp add action=drop chain=tcp comment="=> deny DHCP" disabled=no dst-port=67-68 prot ocol=tcp add action=drop chain=udp comment="Mikrotik Bloqueia udp satan traffic => deny T FTP" disabled=no dst-port=69 protocol=udp add action=drop chain=udp comment="=> deny PRC portmapper" disabled=no dst-port= 111 protocol=udp add action=drop chain=udp comment="=> deny PRC portmapper" disabled=no dst-port= 135 protocol=udp add action=drop 
chain=udp comment="=> deny NBT" disabled=no dst-port=137-139 pro tocol=udp add action=drop chain=udp comment="=> deny NFS" disabled=no dst-port=2049 protoc ol=udp add action=drop chain=udp comment="=> deny BackOriffice" disabled=no dst-port=31 33 protocol=udp add action=accept chain=icmp comment="Aceita Conexoes Estabelecidas" disabled=no icmp-options=3:0 protocol=icmp add action=accept chain=icmp comment="Aceita conexoes ja estabelecidas" disabled =no icmp-options=3:1 protocol=icmp add action=accept chain=icmp comment="allow source quench" disabled=no icmp-opti ons=4:0 protocol=icmp add action=accept chain=icmp comment="allow echo request" disabled=no icmp-optio ns=8:0 protocol=icmp add action=accept chain=icmp comment="allow time exceed" disabled=no icmp-option s=11:0 protocol=icmp add action=accept chain=icmp comment="allow parameter bad" disabled=no icmp-opti ons=12:0 protocol=icmp add action=accept chain=ICMP comment="0:0 and limit for 5pac/s" disabled=no icmp -options=0:0-255 limit=5,5 protocol=icmp add action=accept chain=ICMP comment="3:3 and limit for 5pac/s" disabled=no icmp -options=3:3 limit=5,5 protocol=icmp add action=accept chain=ICMP comment="3:4 and limit for 5pac/s" disabled=no icmp -options=3:4 limit=5,5 protocol=icmp add action=accept chain=ICMP comment="8:0 and limit for 5pac/s" disabled=no icmp -options=8:0-255 limit=5,5 protocol=icmp add action=accept chain=ICMP comment="11:0 and limit for 5pac/s" disabled=no icm p-options=11:0-255 limit=5,5 protocol=icmp add action=jump chain=forward comment="Verifica Se e Trojans" disabled=no jump-t arget=trojans add action=drop chain=trojans comment="" disabled=no dst-port=6660 protocol=tcp add action=jump chain=forward comment="Algumas portas devem ser negadas." 
disabl ed=no jump-target=portas_negadas add action=drop chain=portas_negadas comment="" disabled=no dst-port=12345 proto col=udp add action=drop chain=portas_negadas comment="" disabled=no dst-port=12346 proto col=udp add action=drop chain=portas_negadas comment="" disabled=no dst-port=1034 protoc ol=tcp add action=drop chain=portas_negadas comment="" disabled=no dst-port=3389 protoc ol=tcp add action=drop chain=portas_negadas comment="" disabled=no dst-port=5900 protoc ol=tcp add action=drop chain=forward comment="bloquear .src" content=.src disabled=no add action=drop chain=forward comment="Bloquear Porta 0" disabled=no dst-port=0 protocol=tcp add action=drop chain=forward comment="" disabled=no dst-port=0 protocol=udp add action=drop chain=forward comment="Bloqueia bogons" disabled=no src-addresslist=illegal-addradd action=drop chain=forward comment="Bloqueia bogons" disabled=no src-addresslist=BOGONS add action=drop chain=forward comment="Bloqueia bogons" disabled=no src-addresslist=bogons
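
A consistency check for a rule set of this size, as an added example that is not part of the original document: the Python below parses `add ...` filter lines and reports chains that hold rules but are never reached by a jump from a built-in chain, jump targets that have no rules, and chain names that differ only in letter case (the listing jumps to `icmp` but also files rules under `ICMP`). The function names are mine, the sample is constructed from rules in the listing, and it assumes RouterOS matches chain names case-sensitively.

```python
import shlex
from collections import defaultdict

BUILTIN_CHAINS = {"input", "forward", "output"}

# Constructed sample modelled on rules in the listing (jump comments trimmed).
# The known_viruses rules are left out on purpose to show a dangling jump.
SAMPLE = """
add action=jump chain=forward disabled=no jump-target=known_viruses
add action=jump chain=forward disabled=no jump-target=icmp protocol=icmp
add action=accept chain=icmp comment="allow echo request" disabled=no icmp-options=8:0 protocol=icmp
add action=accept chain=ICMP comment="8:0 and limit for 5pac/s" disabled=no icmp-options=8:0-255 limit=5,5 protocol=icmp
add action=jump chain=forward disabled=no jump-target=trojans
add action=drop chain=trojans comment="" disabled=no dst-port=6660 protocol=tcp
"""


def parse_rules(text):
    """Turn 'add key=value ...' lines into dicts; quoted values stay whole."""
    rules = []
    for line in text.splitlines():
        tokens = shlex.split(line)
        if not tokens or tokens[0] != "add":
            continue
        # partition() splits on the first '=' only, so values may contain '='
        rules.append(dict(t.partition("=")[::2] for t in tokens[1:]))
    return rules


def lint_chains(rules):
    """Report unreachable chains, dangling jump targets and case clashes."""
    rule_count = defaultdict(int)   # chain -> number of enabled rules
    jumps = defaultdict(set)        # chain -> chains it jumps to
    for rule in rules:
        chain = rule.get("chain")
        if not chain or rule.get("disabled") == "yes":
            continue
        rule_count[chain] += 1
        if rule.get("action") == "jump" and rule.get("jump-target"):
            jumps[chain].add(rule["jump-target"])

    # Walk the jump graph starting from the chains the router itself enters.
    reachable, stack = set(), list(BUILTIN_CHAINS)
    while stack:
        chain = stack.pop()
        if chain not in reachable:
            reachable.add(chain)
            stack.extend(jumps.get(chain, ()))

    by_lower = defaultdict(set)
    for chain in set(rule_count) | reachable:
        by_lower[chain.lower()].add(chain)

    return {
        "unreachable": sorted(c for c in rule_count if c not in reachable),
        "dangling": sorted(c for c in reachable - BUILTIN_CHAINS
                           if c not in rule_count),
        "case_clashes": sorted(tuple(sorted(v)) for v in by_lower.values()
                               if len(v) > 1),
    }


if __name__ == "__main__":
    for finding, chains in lint_chains(parse_rules(SAMPLE)).items():
        print(f"{finding}: {chains}")
```

Run it over the full export rather than this excerpt: a chain such as `virus` is only reachable if a jump to it exists somewhere in the complete rule set.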