Cara Blok Virus Conficker di MikrotiK

Untuk blok virus conficker melalui mikrotik dapat menggunakan script berikut ini. Buka Terminal di mikrotik terllebih dahulu. Lalu copy script di bawah ini.

/ip firewall mangle

add chain=prerouting protocol=udp dst-port=445 action=mark-connection new-connection-mark=conn-conficker comment=”445-UDP” disabled=no passthrough=yes

add chain=prerouting protocol=tcp  dst-port=445 action=mark-connection new-connection-mark=conn-conficker comment=”445-TCP” disabled=no passthrough=yes

add chain=prerouting protocol=tcp  dst-port= 135,137,138,139 action=mark-connection new-connection-mark=conn-conficker comment=”135,137,138,139-TCP” disabled=no passthrough=yes

add chain=prerouting protocol=udp  dst-port=135,137,138,139 action=mark-connection new-connection-mark=conn-conficker comment=”135,137,138,139-UDP” disabled=no passthrough=yes

add chain=prerouting connection-mark=conn-conficker action=mark-packet new-packet-mark=conficker-pkt passthrough=no comment=”conficker-pkt” disabled=no

/ip firewall filter

add chain=forward packet-mark=conficker-pkt action=drop comment=”drop conficker” disabled=no

One Response

  1. tu mark connectionnya empat2 dinamai sama ya pak…?trus pada saat pemanggilan mark paketnya cma dipanggil sekali..?kalo di winbox koq jadi merah ya..?apa ada masalah…?mohon penjelasannya… makasih

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: