om
jangan di tutup port emailnya, ntar kalau om maun ngirim email kesaya gimana ?????
kalau buat warnet sih, saran saya firewal systemnya aja di perkuat.
ni om ada ip fi fi, lumayan membantu juga
[iba@Blackc0de] > ip fi fi print
Flags: X - disabled, I - invalid, D - dynamic
0 X chain=input action=accept protocol=icmp
1 X ;;; drop conficker
chain=forward action=drop connection-mark=conn-conficker
2 X ;;; ";;Block W32.Kido - Conficker"
chain=forward action=drop protocol=udp src-port=135-139
3 ;;; ;;Block W32.Kido - Conficker
chain=forward action=drop protocol=udp src-port=135-139
4 chain=forward action=drop protocol=udp dst-port=135-139
5 chain=forward action=drop protocol=udp src-port=445
6 chain=forward action=drop protocol=udp dst-port=445
7 chain=forward action=drop protocol=tcp src-port=135-139
8 chain=forward action=drop protocol=tcp dst-port=135-139
9 chain=forward action=drop protocol=tcp src-port=445
10 chain=forward action=drop protocol=tcp dst-port=445
11 chain=forward action=drop protocol=tcp dst-port=4691
12 chain=forward action=drop protocol=tcp dst-port=5933
13 ;;; Block LLMNR
chain=forward action=drop protocol=udp dst-port=5355
14 chain=forward action=drop protocol=udp dst-port=4647
15 ;;; spam bloking
chain=forward action=drop protocol=tcp src-port=25
16 chain=forward action=drop protocol=tcp dst-port=25
17 chain=forward action=drop protocol=tcp dst-port=135-139
18 chain=forward action=drop protocol=udp dst-port=135-139
19 chain=forward action=drop protocol=tcp dst-port=445
20 chain=forward action=drop protocol=udp dst-port=445
21 chain=forward action=drop protocol=tcp dst-port=593
22 chain=forward action=drop protocol=tcp dst-port=4444
23 chain=forward action=drop protocol=tcp dst-port=5554
24 chain=forward action=drop protocol=tcp dst-port=9996
25 chain=forward action=drop protocol=udp dst-port=995-999
26 chain=forward action=drop protocol=tcp dst-port=53
27 chain=forward action=drop protocol=tcp dst-port=55
28 ;;; Worm
chain=virus action=drop protocol=tcp dst-port=1433-1434
29 ;;; ________
chain=virus action=drop protocol=tcp dst-port=593
30 ;;; ________
chain=virus action=drop protocol=tcp dst-port=1024-1030
31 ;;; ________
chain=virus action=drop protocol=tcp dst-port=1214
32 ;;; hromgrafx
chain=virus action=drop protocol=tcp dst-port=1373
33 ;;; cichlid
chain=virus action=drop protocol=tcp dst-port=1377
34 ;;; Worm
chain=virus action=drop protocol=tcp dst-port=4444
35 ;;; Worm
chain=virus action=drop protocol=udp dst-port=4444
36 ;;; dropping port scanners
chain=input action=drop src-address-list=port scanners
37 ;;; UDP
chain=input action=accept protocol=udp
38 ;;; FTP
chain=input action=accept protocol=tcp src-address-list=ournetwork
dst-port=21
39 ;;; Telnet
chain=input action=accept protocol=tcp src-address-list=ournetwork
dst-port=23
40 ;;; Web
chain=input action=accept protocol=tcp src-address-list=ournetwork
dst-port=80
41 ;;; pptp-server
chain=input action=accept protocol=tcp dst-port=1723
42 ;;; ;;Block W32.Kido - Conficker
chain=forward action=drop protocol=udp src-port=135-139
43 chain=forward action=drop protocol=udp dst-port=135-139
44 chain=forward action=drop protocol=udp src-port=445
45 chain=forward action=drop protocol=udp dst-port=445
46 chain=forward action=drop protocol=tcp src-port=135-139
47 chain=forward action=drop protocol=tcp dst-port=135-139
48 chain=forward action=drop protocol=tcp src-port=445
49 chain=forward action=drop protocol=tcp dst-port=445
50 chain=forward action=drop protocol=tcp dst-port=4691
51 chain=forward action=drop protocol=tcp dst-port=5933
52 ;;; Block LLMNR
chain=forward action=drop protocol=udp dst-port=5355
53 chain=forward action=drop protocol=udp dst-port=4647
54 ;;; SMTP Deny
chain=forward action=drop protocol=tcp src-port=25
55 chain=forward action=drop protocol=tcp dst-port=25
56 ;;; Port scanners to list
chain=input action=add-src-to-address-list protocol=tcp psd=21,3s,3,1
address-list=port scanners address-list-timeout=2w
57 ;;; NMAP FIN Stealth scan
chain=input action=add-src-to-address-list
tcp-flags=fin,!syn,!rst,!psh,!ack,!urg protocol=tcp
address-list=port scanners address-list-timeout=2w
58 ;;; SYN/FIN scan
chain=input action=add-src-to-address-list tcp-flags=fin,syn
protocol=tcp address-list=port scanners address-list-timeout=2w
59 ;;; SYN/RST scan
chain=input action=add-src-to-address-list tcp-flags=syn,rst
protocol=tcp address-list=port scanners address-list-timeout=2w
60 ;;; FIN/PSH/URG scan
chain=input action=add-src-to-address-list
tcp-flags=fin,psh,urg,!syn,!rst,!ack protocol=tcp
address-list=port scanners address-list-timeout=2w
61 ;;; ALL/ALL scan
chain=input action=add-src-to-address-list
tcp-flags=fin,syn,rst,psh,ack,urg protocol=tcp
address-list=port scanners address-list-timeout=2w
62 ;;; NMAP NULL scan
chain=input action=add-src-to-address-list
tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg protocol=tcp
address-list=port scanners address-list-timeout=2w
63 ;;; syn block
chain=input action=tarpit protocol=tcp src-address-list=blocked-addr
connection-limit=3,32
64 ;;; SYN Flood protect
chain=forward action=jump jump-target=SYN-Protect tcp-flags=syn
connection-state=new protocol=tcp
65 chain=SYN-Protect action=accept tcp-flags=syn connection-state=new
protocol=tcp limit=400,5
66 chain=SYN-Protect action=drop tcp-flags=syn connection-state=new
protocol=tcp