logo
Home » Mikrotik » Block or Drop Mengatasi Netcut dengan Firewall Filter Mikrotik

Block or Drop Mengatasi Netcut dengan Firewall Filter Mikrotik

Block or Drop Mengatasi Netcut dengan Firewall Filter Mikrotik


Berikut analisa cara kerja filter firewall anti netcut ini:
netcut pada waktu scan network ngecek ip2 dibutuhkannya bisa diakses atau tidak, kalau ga bisa diakses dia bikin IP bar, semua client yg ga diproteksi dialokasikan ke ip bar tersebut. bila diizinkan maka IP pengguna netcut yg akan terputus dari jaringan, sedangkan client laen ga putus (kalau ga di-cut off).... maknyuss lagi apabila dikombinasikan dengan filter2 port knocking, drop brutus, filter bawaan webbox juga, cuma pesan ati2 aja, filter2 tersebut dicoba satu2 karena kalau ga malah bikin berat koneksi.

kelemahannya kadangkala trafik netcut ga keliatan

Yg perlu diingat filter firewall ini cuma utk melindungi router, bukan client network keseluruhan, kalau di client sih ya instal semacam antinetcut, antispyware, dll...
Block or Drop Mengatasi Netcut dengan Firewall Filter Mikrotik

/ip firewall filter
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=61.213.183.1-61.213.183.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=67.195.134.1-67.195.134.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=68.142.233.1-68.142.233.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=68.180.217.1-68.180.217.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=203.84.204.1-203.84.204.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=69.63.176.1-69.63.176.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=69.63.181.1-69.63.181.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=63.245.209.1-63.245.209.254
add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=63.245.213.1-63.245.213.254
Categories:

Related Post:



0 komentar:

Posting Komentar

Copyright © Blogger Terbaru. All rights reserved.

Supported by Blogger Terbaru Theme by Tricks-Collections