/ip firewall filter
add action=drop chain=tcp-viruses comment=”Socks Des Troie, Death” disabled=\
no dst-port=1-2 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“Agent 31, Hacker’s Paradise, Agent 40421″ disabled=no dst-port=30-31 \
protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
37 protocol=tcp
add action=drop chain=tcp-viruses comment=”Deep Throat Fore play” disabled=no \
dst-port=41 protocol=tcp
add action=drop chain=tcp-viruses comment=DRAT disabled=no dst-port=48 \
protocol=tcp
add action=drop chain=tcp-viruses comment=DRAT disabled=no dst-port=50 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”DM Setup” disabled=no dst-port=\
58-59 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.Evala.Worm disabled=no \
dst-port=69-70 protocol=tcp
add action=drop chain=tcp-viruses comment=”CDK, Firehotcker” disabled=no \
dst-port=79 protocol=tcp
add action=drop chain=tcp-viruses comment=”Beagle.S RemoconChubo” disabled=no \
dst-port=81 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
85-90 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“Common Port for phishing scam sites, Hiddenport, NCX” disabled=no \
dst-port=99 protocol=tcp
add action=drop chain=tcp-viruses comment=”More than 3 known worms and trojans\
usethis port , Invisible Identd Deamon, Kazimas” disabled=no dst-port=\
113 protocol=tcp
add action=drop chain=tcp-viruses comment=Happy99 disabled=no dst-port=119 \
protocol=tcp
add action=drop chain=tcp-viruses comment=\
“Jammer Killah, Attack  Bot, God Message” disabled=no dst-port=121 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Password Generator Protocol” \
disabled=no dst-port=129 protocol=tcp
add action=drop chain=tcp-viruses comment=Farnaz disabled=no dst-port=133 \
protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
135-139 protocol=tcp
add action=drop chain=tcp-viruses comment=NetTaxi disabled=no dst-port=142 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Infector 1.3″ disabled=no \
dst-port=146 protocol=tcp
add action=drop chain=tcp-viruses comment=A.Trojan disabled=no dst-port=170 \
protocol=tcp
add action=drop chain=tcp-viruses comment=W32.Rotor disabled=no dst-port=382 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Backage disabled=no dst-port=334 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Backage disabled=no dst-port=411 \
protocol=tcp
add action=drop chain=tcp-viruses comment=\
“W32.kibuv.b, Breach, Incognito, tcp Wrappers” disabled=no dst-port=\
420-421 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
445 in-interface=!ether-local protocol=tcp src-address-list=!pura-local
add action=drop chain=tcp-viruses comment=\
“Fatal Connections - Hacker’s Paradise” disabled=no dst-port=455-456 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Hacker’s Paradise” disabled=no \
dst-port=456 protocol=tcp
add action=drop chain=tcp-viruses comment=”Grlogin, RPC backDoor” disabled=no \
dst-port=513-514 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.kibuv.worm disabled=no \
dst-port=530 protocol=tcp
add action=drop chain=tcp-viruses comment=”Rasmin, Net666″ disabled=no \
dst-port=531 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“Stealth Spy, Phaze, 7-11 Trojan, Ini-Killer, Phase Zero, Phase-0″ \
disabled=no dst-port=555 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
559 protocol=tcp
add action=drop chain=tcp-viruses comment=”Sober worm Variants” disabled=no \
dst-port=587 protocol=tcp
add action=drop chain=tcp-viruses comment=”W.32.Sasser worm” disabled=no \
dst-port=593 protocol=tcp
add action=drop chain=tcp-viruses comment=”Secret Service” disabled=no \
dst-port=605 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“Attack FTP, Back Construction, BLA Trojan, NokNok, satans” disabled=no \
dst-port=666 protocol=tcp
add action=drop chain=tcp-viruses comment=SnipperNet disabled=no dst-port=667 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Dp Trojan” disabled=no dst-port=\
669 protocol=tcp
add action=drop chain=tcp-viruses comment=GayOL disabled=no dst-port=692 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”BackDoor.Netcrack.B - AimSpy” \
disabled=no dst-port=777-778 protocol=tcp
add action=drop chain=tcp-viruses comment=WinHole disabled=no dst-port=808 \
protocol=tcp
add action=drop chain=tcp-viruses comment=\
“Common Port for phishing scam sites” disabled=no dst-port=880 protocol=\
tcp
add action=drop chain=tcp-viruses comment=Backdoor.Devil disabled=no \
dst-port=901-902 protocol=tcp
add action=drop chain=tcp-viruses comment=”Dark Shadow” disabled=no dst-port=\
911 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
999-1001 protocol=tcp
add action=drop chain=tcp-viruses comment=”Doly Trojan” disabled=no dst-port=\
1011-1016 protocol=tcp
add action=drop chain=tcp-viruses comment=Vampire disabled=no dst-port=1020 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.lingosky disabled=no \
dst-port=1024-1025 protocol=tcp
add action=drop chain=tcp-viruses comment=”NetSpy, Multidropper” disabled=no \
dst-port=1033-1035 protocol=tcp
add action=drop chain=tcp-viruses comment=Bla disabled=no dst-port=1042 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Rasmin disabled=no dst-port=1045 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”/sbin/initd - MiniCommand” \
disabled=no dst-port=1049-1050 protocol=tcp
add action=drop chain=tcp-viruses comment=”The Thief, AckCmd” disabled=no \
dst-port=1053-1054 protocol=tcp
add action=drop chain=tcp-viruses comment=”Backdoor.Zagaban, WinHole” \
disabled=no dst-port=1080-1083 protocol=tcp
add action=drop chain=tcp-viruses comment=Xtreme disabled=no dst-port=1090 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”RAT, Blood Fest Evoltion” \
disabled=no dst-port=1095-1099 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
1111 protocol=tcp
add action=drop chain=tcp-viruses comment=Orion disabled=no dst-port=\
1150-1151 protocol=tcp
add action=drop chain=tcp-viruses comment=”Psyber Stream Server” disabled=no \
dst-port=1170 protocol=tcp
add action=drop chain=tcp-viruses comment=SoftWAR,Infector disabled=no \
dst-port=1207-1208 protocol=tcp
add action=drop chain=tcp-viruses comment=Kaos disabled=no dst-port=1212 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Sazo disabled=no dst-port=\
1218 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
1234 protocol=tcp
add action=drop chain=tcp-viruses comment=”Sub Seven” disabled=no dst-port=\
1243 protocol=tcp
add action=drop chain=tcp-viruses comment=”VooDoo Doll” disabled=no dst-port=\
1245 protocol=tcp
add action=drop chain=tcp-viruses comment=”Scarab, Project next” disabled=no \
dst-port=1255-1256 protocol=tcp
add action=drop chain=tcp-viruses comment=”Maverick’s Matrix” disabled=no \
dst-port=1269 protocol=tcp
add action=drop chain=tcp-viruses comment=”The Matrix” disabled=no dst-port=\
1272 protocol=tcp
add action=drop chain=tcp-viruses comment=NETrojan disabled=no dst-port=1313 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Millenium Worm” disabled=no \
dst-port=1338 protocol=tcp
add action=drop chain=tcp-viruses comment=”Bo dll” disabled=no dst-port=1349 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”GoFriller, Backdoor G-1″ disabled=\
no dst-port=1394 protocol=tcp
add action=drop chain=tcp-viruses comment=w32.spybot.ofn disabled=no \
dst-port=1433 protocol=tcp
add action=drop chain=tcp-viruses comment=”remote Storm” disabled=no \
dst-port=1441 protocol=tcp
add action=drop chain=tcp-viruses comment=FTP99CMP disabled=no dst-port=1492 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”FunkProxy ” disabled=no dst-port=\
1505 protocol=tcp
add action=drop chain=tcp-viruses comment=”Psyber Streaming server” disabled=\
no dst-port=1509 protocol=tcp
add action=drop chain=tcp-viruses comment=Trinoo disabled=no dst-port=1524 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Remote Hack” disabled=no dst-port=\
1568 protocol=tcp
add action=drop chain=tcp-viruses comment=”Backdoor.Miffice, Bize.Worm” \
disabled=no dst-port=1533-1534 protocol=tcp
add action=drop chain=tcp-viruses comment=”Shivka-Burka, Direct Connection” \
disabled=no dst-port=1600 protocol=tcp
add action=drop chain=tcp-viruses comment=”ICA Browser” disabled=no dst-port=\
1604 protocol=tcp
add action=drop chain=tcp-viruses comment=Exploiter disabled=no dst-port=1703 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Scarab disabled=no dst-port=1777 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Loxbot.d disabled=no dst-port=1751 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.NetControle disabled=no \
dst-port=1772 protocol=tcp
add action=drop chain=tcp-viruses comment=SpySender disabled=no dst-port=1807 \
protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
1863 protocol=tcp
add action=drop chain=tcp-viruses comment=”Fake FTP. WM FTP Server” disabled=\
no dst-port=1966-1967 protocol=tcp
add action=drop chain=tcp-viruses comment=”Shockrave, Bowl” disabled=no \
dst-port=1981 protocol=tcp
add action=drop chain=tcp-viruses comment=”OpC BO” disabled=no dst-port=1969 \
protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
1999-2005 protocol=tcp
add action=drop chain=tcp-viruses comment=Ripper disabled=no dst-port=2023 \
protocol=tcp
add action=drop chain=tcp-viruses comment=W32.korgo.a disabled=no dst-port=\
2041 protocol=tcp
add action=drop chain=tcp-viruses comment=”Backdoor.TJServ - WinHole” \
disabled=no dst-port=2080 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Expjan disabled=no \
dst-port=2090 protocol=tcp
add action=drop chain=tcp-viruses comment=Bugs disabled=no dst-port=2115 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Deep Throat” disabled=no dst-port=\
2140 protocol=tcp
add action=drop chain=tcp-viruses comment=”Illusion Mailer” disabled=no \
dst-port=2155 protocol=tcp
add action=drop chain=tcp-viruses comment=Nirvana disabled=no dst-port=2255 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Hvl RAT, Dumaru” disabled=no \
dst-port=2283 protocol=tcp
add action=drop chain=tcp-viruses comment=Xplorer disabled=no dst-port=2300 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Studio 54″ disabled=no dst-port=\
2311 protocol=tcp
add action=drop chain=tcp-viruses comment=backdoor.shellbot disabled=no \
dst-port=2322 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“backdoor.shellbot, Eyeveg.worm.c, contact” disabled=no dst-port=\
2330-2339 protocol=tcp
add action=drop chain=tcp-viruses comment=vbs.shania disabled=no dst-port=\
2414 protocol=tcp
add action=drop chain=tcp-viruses comment=Beagle.N disabled=no dst-port=2556 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Striker disabled=no dst-port=2565 \
protocol=tcp
add action=drop chain=tcp-viruses comment=WinCrash disabled=no dst-port=2583 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”The Prayer 1.2 -1.3″ disabled=no \
dst-port=2716 protocol=tcp
add action=drop chain=tcp-viruses comment=”Phase Zero” disabled=no dst-port=\
2721 protocol=tcp
add action=drop chain=tcp-viruses comment=Beagle.J disabled=no dst-port=2745 \
protocol=tcp
add action=drop chain=tcp-viruses comment=W32.hllw.deadhat.b disabled=no \
dst-port=2766 protocol=tcp
add action=drop chain=tcp-viruses comment=SubSeven disabled=no dst-port=\
2773-2774 protocol=tcp
add action=drop chain=tcp-viruses comment=”Phineas Phucker” disabled=no \
dst-port=2801 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Brador.A disabled=no \
dst-port=2989 protocol=tcp
add action=drop chain=tcp-viruses comment=”Remote Shut” disabled=no dst-port=\
3000 protocol=tcp
add action=drop chain=tcp-viruses comment=WinCrash disabled=no dst-port=3024 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Wortbot disabled=no \
dst-port=3028 protocol=tcp
add action=drop chain=tcp-viruses comment=”W32.Mytob.cz@mm, MicroSpy” \
disabled=no dst-port=3030-3031 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.korgo.a disabled=no dst-port=\
3067 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
3127-3198 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.HLLW.Dax disabled=no dst-port=\
3256 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Nemog.D disabled=no \
dst-port=3306 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
3332 protocol=tcp
add action=drop chain=tcp-viruses comment=w32.Mytob.kp@MM disabled=no \
dst-port=3385 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.mockbot.a.worm disabled=no \
dst-port=3410 protocol=tcp
add action=drop chain=tcp-viruses comment=”Backdoor.Fearic, Terror Trojan” \
disabled=no dst-port=3456 protocol=tcp
add action=drop chain=tcp-viruses comment=”Eclipse 2000″ disabled=no \
dst-port=3459 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Amitis.B disabled=no \
dst-port=3547 protocol=tcp
add action=drop chain=tcp-viruses comment=”Portal of Doom” disabled=no \
dst-port=3700 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.helios disabled=no \
dst-port=3737 protocol=tcp
add action=drop chain=tcp-viruses comment=PsychWard disabled=no dst-port=3777 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Eclypse disabled=no dst-port=3791 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Eclypse disabled=no dst-port=3801 \
protocol=tcp
add action=drop chain=tcp-viruses comment=SkyDance,Backdoor.OptixPro.13.C \
disabled=no dst-port=4000-4001 protocol=tcp
add action=drop chain=tcp-viruses comment=WinCrash disabled=no dst-port=4092 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.rcserv disabled=no \
dst-port=4128 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“Backdoor.Nemog.D - Virtual Hacking Machine” disabled=no dst-port=4242 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.smokodoor disabled=no \
dst-port=4300 protocol=tcp
add action=drop chain=tcp-viruses comment=BoBo disabled=no dst-port=4321 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Phatbot disabled=no dst-port=4387 \
protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
4444 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.mytob.db disabled=no dst-port=\
4512 protocol=tcp
add action=drop chain=tcp-viruses comment=”File Nail” disabled=no dst-port=\
4567 protocol=tcp
add action=drop chain=tcp-viruses comment=”ICQ Trojan” disabled=no dst-port=\
4590 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Nemog.D disabled=no \
dst-port=4646 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Nemog.D disabled=no \
dst-port=4661 protocol=tcp
add action=drop chain=tcp-viruses comment=Beagle.U disabled=no dst-port=4751 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.tuxder disabled=no \
dst-port=4820 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.Opanki disabled=no dst-port=\
4888 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.RaHack disabled=no dst-port=\
4899 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“Common Port for phishing scam sites” disabled=no dst-port=4903 protocol=\
tcp
add action=drop chain=tcp-viruses comment=”ICQ Trogen” disabled=no dst-port=\
4950 protocol=tcp
add action=drop chain=tcp-viruses comment=”Sokets de Trois v1./Bubbel, cd00r” \
disabled=no dst-port=5000-5002 protocol=tcp
add action=drop chain=tcp-viruses comment=Solo,Ootlt disabled=no dst-port=\
5010-5011 protocol=tcp
add action=drop chain=tcp-viruses comment=”WM Remote Keylogger” disabled=no \
dst-port=5025 protocol=tcp
add action=drop chain=tcp-viruses comment=”Net Metropolitan 1.0″ disabled=no \
dst-port=5031-5032 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.laphex.client disabled=no \
dst-port=5152 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
5190 protocol=tcp
add action=drop chain=tcp-viruses comment=Firehotcker disabled=no dst-port=\
5321 protocol=tcp
add action=drop chain=tcp-viruses comment=Baackage,NetDemon disabled=no \
dst-port=5333 protocol=tcp
add action=drop chain=tcp-viruses comment=”WC Remote Administration Tool” \
disabled=no dst-port=5343 protocol=tcp
add action=drop chain=tcp-viruses comment=”Blade Runner” disabled=no \
dst-port=5400-5402 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“Backdoor.DarkSky.B, Backconstruction” disabled=no dst-port=5418-5419 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Xtcp, Illusion Mailer” disabled=no \
dst-port=5512 protocol=tcp
add action=drop chain=tcp-viruses comment=”The Flu” disabled=no dst-port=5534 \
protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port ” disabled=no \
dst-port=5550-5558 protocol=tcp
add action=drop chain=tcp-viruses comment=Robo-Hack disabled=no dst-port=5569 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.EasyServ disabled=no \
dst-port=5588 protocol=tcp
add action=drop chain=tcp-viruses comment=”PC Crasher” disabled=no dst-port=\
5637-5638 protocol=tcp
add action=drop chain=tcp-viruses comment=WinCrash disabled=no dst-port=5714 \
protocol=tcp
add action=drop chain=tcp-viruses comment=WinCrash disabled=no dst-port=\
5741-5742 protocol=tcp
add action=drop chain=tcp-viruses comment=”Portmap Remote Root Linux Exploit” \
disabled=no dst-port=5760 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Evivinc disabled=no \
dst-port=5800 protocol=tcp
add action=drop chain=tcp-viruses comment=”Y3K RAT” disabled=no dst-port=5880 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Y3K RAT” disabled=no dst-port=5882 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Y3K RAT” disabled=no dst-port=\
5888-5889 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Evivinc disabled=no \
dst-port=5900 protocol=tcp
add action=drop chain=tcp-viruses comment=LovGate.ak disabled=no dst-port=\
6000 protocol=tcp
add action=drop chain=tcp-viruses comment=”Bad Blood” disabled=no dst-port=\
6006 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.mockbot.a.worm disabled=no \
dst-port=6129 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“Common Port for phishing scam sites” disabled=no dst-port=6180 protocol=\
tcp
add action=drop chain=tcp-viruses comment=Trojan.Tilser disabled=no dst-port=\
6187 protocol=tcp
add action=drop chain=tcp-viruses comment=”Secret Service” disabled=no \
dst-port=6272 protocol=tcp
add action=drop chain=tcp-viruses comment=”The Thing” disabled=no dst-port=\
6400 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Nemog.D disabled=no \
dst-port=6565 protocol=tcp
add action=drop chain=tcp-viruses comment=backdoor.sdbot.ag disabled=no \
dst-port=6631 protocol=tcp
add action=drop chain=tcp-viruses comment=”TEMan, Weia-Meia” disabled=no \
dst-port=6661 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“Netbus Worm, winSATAN, Dark FTP, Schedule Agent” disabled=no dst-port=\
6666-6667 protocol=tcp
add action=drop chain=tcp-viruses comment=”Vampyre, Deep Throat” disabled=no \
dst-port=6669-6671 protocol=tcp
add action=drop chain=tcp-viruses comment=”Sub Seven, Backdoor.G” disabled=no \
dst-port=6711-6713 protocol=tcp
add action=drop chain=tcp-viruses comment=”Mstream attack-handler” disabled=\
no dst-port=6723 protocol=tcp
add action=drop chain=tcp-viruses comment=”Deep Throat” disabled=no dst-port=\
6771 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“Sub Seven, Backdoor.G, W32/Bagle@MM” disabled=no dst-port=6776-6777 \
protocol=tcp
add action=drop chain=tcp-viruses comment=NetSky.U disabled=no dst-port=6789 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Delta source DarkStar” disabled=no \
dst-port=6883 protocol=tcp
add action=drop chain=tcp-viruses comment=”Shxt Heap ” disabled=no dst-port=\
6912 protocol=tcp
add action=drop chain=tcp-viruses comment=Indoctrination disabled=no \
dst-port=6939 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
6969 protocol=tcp
add action=drop chain=tcp-viruses comment=”Gate Crasher” disabled=no \
dst-port=6970 protocol=tcp
add action=drop chain=tcp-viruses comment=”w32.mytob.mx@mm, Remote Grab, explo\
it translation server, kazimas, remote grab” disabled=no dst-port=\
7000-7001 protocol=tcp
add action=drop chain=tcp-viruses comment=”Unknown Trojan” disabled=no \
dst-port=7028 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.Spybot.ycl disabled=no \
dst-port=7043 protocol=tcp
add action=drop chain=tcp-viruses comment=SubSeven disabled=no dst-port=7215 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Net Monitor” disabled=no dst-port=\
7300-7308 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.netshadow disabled=no \
dst-port=7329 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.phoenix disabled=no \
dst-port=7410 protocol=tcp
add action=drop chain=tcp-viruses comment=”Host Control” disabled=no \
dst-port=7424 protocol=tcp
add action=drop chain=tcp-viruses comment=”QaZ -Remote Access Trojan” \
disabled=no dst-port=7597 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.GRM disabled=no dst-port=\
7614 protocol=tcp
add action=drop chain=tcp-viruses comment=Glacier disabled=no dst-port=7626 \
protocol=tcp
add action=drop chain=tcp-viruses comment=backdoor.nodelm disabled=no \
dst-port=7740-7749 protocol=tcp
add action=drop chain=tcp-viruses comment=”GodMessaage, Tini” disabled=no \
dst-port=7777 protocol=tcp
add action=drop chain=tcp-viruses comment=ICKiller disabled=no dst-port=7789 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Amitis.B disabled=no \
dst-port=7823 protocol=tcp
add action=drop chain=tcp-viruses comment=”The ReVeNgEr” disabled=no \
dst-port=7891 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.kibuv.b disabled=no dst-port=\
7955 protocol=tcp
add action=drop chain=tcp-viruses comment=Mstream disabled=no dst-port=7983 \
protocol=tcp
add action=drop chain=tcp-viruses comment=w32.mytob.lz@mm disabled=no \
dst-port=7999-8000 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Ptakks.b disabled=no \
dst-port=8012 protocol=tcp
add action=drop chain=tcp-viruses comment=”W32.Spybot.pen ” disabled=no \
dst-port=8076 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
8081 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Asniffer disabled=no \
dst-port=8090 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.PejayBot disabled=no dst-port=\
8126 protocol=tcp
add action=drop chain=tcp-viruses comment=”BackOrifice 2000″ disabled=no \
dst-port=8787 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Monator disabled=no \
dst-port=8811 protocol=tcp
add action=drop chain=tcp-viruses comment=Beagle.B@mm disabled=no dst-port=\
8866 protocol=tcp
add action=drop chain=tcp-viruses comment=”BackOrifice 2000″ disabled=no \
dst-port=8879 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.Axatak disabled=no dst-port=\
8888-8889 protocol=tcp
add action=drop chain=tcp-viruses comment=”BackHack - Rcon, Recon, Xcon” \
disabled=no dst-port=8988-8989 protocol=tcp
add action=drop chain=tcp-viruses comment=”W32.randex.ccf - netministrator” \
disabled=no dst-port=9000 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.nibu.k disabled=no \
dst-port=9125 protocol=tcp
add action=drop chain=tcp-viruses comment=InCommand disabled=no dst-port=9400 \
protocol=tcp
add action=drop chain=tcp-viruses comment=W32.kibuv.worm disabled=no \
dst-port=9604 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.gholame disabled=no \
dst-port=9696-9697 protocol=tcp
add action=drop chain=tcp-viruses comment=”BackDoor.RC3.B, Portal of Doom” \
disabled=no dst-port=9872-9878 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
9898-10002 protocol=tcp
add action=drop chain=tcp-viruses comment=iNi-Killer disabled=no dst-port=\
9989 protocol=tcp
add action=drop chain=tcp-viruses comment=”W.32.Sasser Worm” disabled=no \
dst-port=9996 protocol=tcp
add action=drop chain=tcp-viruses comment=”The Prayer” disabled=no dst-port=\
9999 protocol=tcp
add action=drop chain=tcp-viruses comment=OpwinTRojan disabled=no dst-port=\
10000 protocol=tcp
add action=drop chain=tcp-viruses comment=OpwinTRojan disabled=no dst-port=\
10005 protocol=tcp
add action=drop chain=tcp-viruses comment=”Cheese worm” disabled=no dst-port=\
10008 protocol=tcp
add action=drop chain=tcp-viruses comment=w32.mytob.jw@mm disabled=no \
dst-port=10027 protocol=tcp
add action=drop chain=tcp-viruses comment=”Portal of Doom” disabled=no \
dst-port=10067 protocol=tcp
add action=drop chain=tcp-viruses comment=Mydoom.B disabled=no dst-port=10080 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”backdoor.ranky.o, backdoor.staprew,\
backdoor.tuimer, gift trojan, brainspy, silencer” disabled=no dst-port=\
10100-10103 protocol=tcp
add action=drop chain=tcp-viruses comment=”Acid Shivers” disabled=no \
dst-port=10520 protocol=tcp
add action=drop chain=tcp-viruses comment=Coma disabled=no dst-port=10607 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Ambush disabled=no dst-port=10666 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Senna Spy” disabled=no dst-port=\
11000 protocol=tcp
add action=drop chain=tcp-viruses comment=”Host Control” disabled=no \
dst-port=11050-11051 protocol=tcp
add action=drop chain=tcp-viruses comment=”Progenic Trojan - Secret Agent” \
disabled=no dst-port=11223 protocol=tcp
add action=drop chain=tcp-viruses comment=”Dipnet / oddBob Trojan” disabled=\
no dst-port=11768 protocol=tcp
add action=drop chain=tcp-viruses comment=”Latinus Server” disabled=no \
dst-port=11831 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Satancrew disabled=no \
dst-port=12000 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Berbew.j disabled=no \
dst-port=12065 protocol=tcp
add action=drop chain=tcp-viruses comment=GJamer disabled=no dst-port=12076 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Hack’99, KeyLogger” disabled=no \
dst-port=12223 protocol=tcp
add action=drop chain=tcp-viruses comment=”Netbus, Ultor’s Trojan” disabled=\
no dst-port=12345-12346 protocol=tcp
add action=drop chain=tcp-viruses comment=Whack-a-Mole disabled=no dst-port=\
12361-12363 protocol=tcp
add action=drop chain=tcp-viruses comment=NetBus disabled=no dst-port=12456 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Whack Job” disabled=no dst-port=\
12631 protocol=tcp
add action=drop chain=tcp-viruses comment=”Eclypse 2000″ disabled=no \
dst-port=12701 protocol=tcp
add action=drop chain=tcp-viruses comment=”Mstream attack-handler” disabled=\
no dst-port=12754 protocol=tcp
add action=drop chain=tcp-viruses comment=”Senna Spy” disabled=no dst-port=\
13000 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Amitis.B disabled=no \
dst-port=13173 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.Sober.D disabled=no dst-port=\
13468 protocol=tcp
add action=drop chain=tcp-viruses comment=”Kuang2 the Virus” disabled=no \
dst-port=13700 protocol=tcp
add action=drop chain=tcp-viruses comment=Trojan.Mitglieder.h disabled=no \
dst-port=14247 protocol=tcp
add action=drop chain=tcp-viruses comment=”Mstream attack-handler” disabled=\
no dst-port=15104 protocol=tcp
add action=drop chain=tcp-viruses comment=”Dipnet / oddBob Trojan” disabled=\
no dst-port=15118 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Cyn disabled=no dst-port=\
15432 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Lastdoor disabled=no \
dst-port=16322 protocol=tcp
add action=drop chain=tcp-viruses comment=Mosucker disabled=no dst-port=16484 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Backdoor.Haxdoor.D - Stacheldraht” \
disabled=no dst-port=16660-16661 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
16959 protocol=tcp
add action=drop chain=tcp-viruses comment=”Kuang2.B Trojan” disabled=no \
dst-port=17300 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.Imav.a disabled=no dst-port=\
17940 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Gaster disabled=no \
dst-port=19937 protocol=tcp
add action=drop chain=tcp-viruses comment=”Millennium - AcidkoR” disabled=no \
dst-port=20000-20002 protocol=tcp
add action=drop chain=tcp-viruses comment=”NetBus 2 Pro” disabled=no \
dst-port=20034 protocol=tcp
add action=drop chain=tcp-viruses comment=Chupacabra disabled=no dst-port=\
20203 protocol=tcp
add action=drop chain=tcp-viruses comment=”Bla Trojan” disabled=no dst-port=\
20331 protocol=tcp
add action=drop chain=tcp-viruses comment=”Shaft Client to handlers” \
disabled=no dst-port=20432-20433 protocol=tcp
add action=drop chain=tcp-viruses comment=Trojan.Adnap disabled=no dst-port=\
20480 protocol=tcp
add action=drop chain=tcp-viruses comment=Trojan.Mitglieder.E disabled=no \
dst-port=20742 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.dasher.b disabled=no dst-port=\
21211 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“Exploiter - Kid Terror - Schwndler - Winsp00fer” disabled=no dst-port=\
21554 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“Prosiak - Ruler - Donald Dick - RUX The TIc.K” disabled=no dst-port=\
22222 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Simali disabled=no \
dst-port=22311 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor-ADM disabled=no dst-port=\
22784 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.hllw.nettrash disabled=no \
dst-port=23005-23006 protocol=tcp
add action=drop chain=tcp-viruses comment=backdoor.berbew.j disabled=no \
dst-port=23232 protocol=tcp
add action=drop chain=tcp-viruses comment=Trojan.Framar disabled=no dst-port=\
23435 protocol=tcp
add action=drop chain=tcp-viruses comment=”Donald Dick” disabled=no dst-port=\
23476-23477 protocol=tcp
add action=drop chain=tcp-viruses comment=w32.mytob.km@mm disabled=no \
dst-port=23523 protocol=tcp
add action=drop chain=tcp-viruses comment=”Delta Source” disabled=no \
dst-port=26274 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.optix.04 disabled=no \
dst-port=27379 protocol=tcp
add action=drop chain=tcp-viruses comment=”Sub-7 2.1″ disabled=no dst-port=\
27573 protocol=tcp
add action=drop chain=tcp-viruses comment=”Trin00 DoS Attack” disabled=no \
dst-port=27665 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Sdbot.ai disabled=no \
dst-port=29147 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.NTHack disabled=no \
dst-port=29292 protocol=tcp
add action=drop chain=tcp-viruses comment=”Latinus Server” disabled=no \
dst-port=29559 protocol=tcp
add action=drop chain=tcp-viruses comment=”The Unexplained” disabled=no \
dst-port=29891 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Antilam.20 disabled=no \
dst-port=29999 protocol=tcp
add action=drop chain=tcp-viruses comment=”AOL Trojan” disabled=no dst-port=\
30029 protocol=tcp
add action=drop chain=tcp-viruses comment=NetSphere disabled=no dst-port=\
30100-30103 protocol=tcp
add action=drop chain=tcp-viruses comment=”NetSphere Final” disabled=no \
dst-port=30133 protocol=tcp
add action=drop chain=tcp-viruses comment=”Sockets de Troi” disabled=no \
dst-port=30303 protocol=tcp
add action=drop chain=tcp-viruses comment=Kuang2 disabled=no dst-port=30999 \
protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
31335-31339 protocol=tcp
add action=drop chain=tcp-viruses comment=BOWhack disabled=no dst-port=31666 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Hack’a'Tack” disabled=no dst-port=\
31785-31792 protocol=tcp
add action=drop chain=tcp-viruses comment=backdoor.berbew.j disabled=no \
dst-port=32121 protocol=tcp
add action=drop chain=tcp-viruses comment=”Acid Battery” disabled=no \
dst-port=32418 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Alets.B disabled=no \
dst-port=32440 protocol=tcp
add action=drop chain=tcp-viruses comment=”Trinity Trojan” disabled=no \
dst-port=33270 protocol=tcp
add action=drop chain=tcp-viruses comment=trojan.lodeight.b disabled=no \
dst-port=33322 protocol=tcp
add action=drop chain=tcp-viruses comment=Prosiak disabled=no dst-port=33333 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Spirit 2001 a” disabled=no \
dst-port=33911 protocol=tcp
add action=drop chain=tcp-viruses comment=”BigGluck, TN” disabled=no \
dst-port=34324 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Lifefournow disabled=no \
dst-port=36183 protocol=tcp
add action=drop chain=tcp-viruses comment=”Yet Another Trojan” disabled=no \
dst-port=37651 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
39999 protocol=tcp
add action=drop chain=tcp-viruses comment=”The Spy” disabled=no dst-port=\
40412 protocol=tcp
add action=drop chain=tcp-viruses comment=”Agent 40421 - Masters Paradise” \
disabled=no dst-port=40421-40426 protocol=tcp
add action=drop chain=tcp-viruses comment=”Master’s Paradise” disabled=no \
dst-port=43210 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Amitis.B disabled=no \
dst-port=44280 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Amitis.B disabled=no \
dst-port=44390 protocol=tcp
add action=drop chain=tcp-viruses comment=”Delta Source” disabled=no \
dst-port=47252 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Amitis.B disabled=no \
dst-port=47387 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.antilam.20 disabled=no \
dst-port=47891 protocol=tcp
add action=drop chain=tcp-viruses comment=”Sokets de Trois v2.” disabled=no \
dst-port=50505 protocol=tcp
add action=drop chain=tcp-viruses comment=Fore disabled=no dst-port=50776 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Cyn disabled=no dst-port=\
51234 protocol=tcp
add action=drop chain=tcp-viruses comment=W32.kalel.a@mm disabled=no \
dst-port=51435 protocol=tcp
add action=drop chain=tcp-viruses comment=”Remote Windows Shutdown” disabled=\
no dst-port=53001 protocol=tcp
add action=drop chain=tcp-viruses comment=”subSeven -Subseven 2.1 Gold” \
disabled=no dst-port=54283 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port ” disabled=no \
dst-port=54320-54321 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“WM Trojan Generator - File manager Trojan” disabled=no dst-port=\
55165-55166 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Osirdoor disabled=no \
dst-port=56565 protocol=tcp
add action=drop chain=tcp-viruses comment=”NetRaider Trojan” disabled=no \
dst-port=57341 protocol=tcp
add action=drop chain=tcp-viruses comment=BackDoor.Tron disabled=no dst-port=\
58008-58009 protocol=tcp
add action=drop chain=tcp-viruses comment=”Butt Funnel” disabled=no dst-port=\
58339 protocol=tcp
add action=drop chain=tcp-viruses comment=BackDoor.Redkod disabled=no \
dst-port=58666 protocol=tcp
add action=drop chain=tcp-viruses comment=BackDoor.DuckToy disabled=no \
dst-port=59211 protocol=tcp
add action=drop chain=tcp-viruses comment=”Deep Throat” disabled=no dst-port=\
60000 protocol=tcp
add action=drop chain=tcp-viruses comment=Trinity disabled=no dst-port=60001 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Trojan.Fulamer.25 disabled=no \
dst-port=60006 protocol=tcp
add action=drop chain=tcp-viruses comment=”Xzip 6000068″ disabled=no \
dst-port=60068 protocol=tcp
add action=drop chain=tcp-viruses comment=Connection disabled=no dst-port=\
60411 protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.mite disabled=no dst-port=\
61000 protocol=tcp
add action=drop chain=tcp-viruses comment=”Bunker-Hill Trojan” disabled=no \
dst-port=61348 protocol=tcp
add action=drop chain=tcp-viruses comment=Telecommando disabled=no dst-port=\
61466 protocol=tcp
add action=drop chain=tcp-viruses comment=”Bunker-Hill Trojan” disabled=no \
dst-port=61603 protocol=tcp
add action=drop chain=tcp-viruses comment=”Bunker-Hill Trojan” disabled=no \
dst-port=63485 protocol=tcp
add action=drop chain=tcp-viruses comment=”Phatbot, W32.hllw.gaobot.dk” \
disabled=no dst-port=63808-63809 protocol=tcp
add action=drop chain=tcp-viruses comment=Taskmin disabled=no dst-port=64101 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Backdoor.Amitis.B disabled=no \
dst-port=64429 protocol=tcp
add action=drop chain=tcp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
65000 protocol=tcp
add action=drop chain=tcp-viruses comment=Eclypse disabled=no dst-port=65390 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Jade disabled=no dst-port=65421 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”The Traitor (th3tr41t0r)” \
disabled=no dst-port=65432 protocol=tcp
add action=drop chain=tcp-viruses comment=Phatbot disabled=no dst-port=65506 \
protocol=tcp
add action=drop chain=tcp-viruses comment=/sbin/init disabled=no dst-port=\
65534 protocol=tcp
add action=drop chain=tcp-viruses comment=”Adore Worm/Linux - RC1 Trojan” \
disabled=no dst-port=65535 protocol=tcp
add action=drop chain=tcp-viruses comment=Cafeini disabled=no dst-port=51966 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Acid baterry 2000″ disabled=no \
dst-port=52317 protocol=tcp
add action=drop chain=tcp-viruses comment=Enterprise disabled=no dst-port=\
50130 protocol=tcp
add action=drop chain=tcp-viruses comment=”Online Keylogger” disabled=no \
dst-port=49301 protocol=tcp
add action=drop chain=tcp-viruses comment=Exploiter disabled=no dst-port=\
44575 protocol=tcp
add action=drop chain=tcp-viruses comment=Prosiak disabled=no dst-port=44444 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Remote Boot Tool - RBT” disabled=\
no dst-port=41666 protocol=tcp
add action=drop chain=tcp-viruses comment=Storm disabled=no dst-port=41337 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Mantis disabled=no dst-port=37237 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Donald Dick” disabled=no dst-port=\
34444 protocol=tcp
add action=drop chain=tcp-viruses comment=”Son of PsychWard” disabled=no \
dst-port=33577 protocol=tcp
add action=drop chain=tcp-viruses comment=”Son of PsychWard” disabled=no \
dst-port=33777 protocol=tcp
add action=drop chain=tcp-viruses comment=”Peanut Brittle, Project Next” \
disabled=no dst-port=32100 protocol=tcp
add action=drop chain=tcp-viruses comment=”Donald Dick” disabled=no dst-port=\
32001 protocol=tcp
add action=drop chain=tcp-viruses comment=”Hack’a'Tack” disabled=no dst-port=\
31785 protocol=tcp
add action=drop chain=tcp-viruses comment=Intruse disabled=no dst-port=30947 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Lamers Death” disabled=no \
dst-port=30003 protocol=tcp
add action=drop chain=tcp-viruses comment=”Infector - ErrOr32″ disabled=no \
dst-port=30000-30001 protocol=tcp
add action=drop chain=tcp-viruses comment=ovasOn disabled=no dst-port=29369 \
protocol=tcp
add action=drop chain=tcp-viruses comment=NetTrojan disabled=no dst-port=\
29104 protocol=tcp
add action=drop chain=tcp-viruses comment=Exploiter disabled=no dst-port=\
28678 protocol=tcp
add action=drop chain=tcp-viruses comment=”Bad Blood - Ramen - Seeker - SubSev\
en - SubSeven 2.1 Gold - Subseven 2.14 DefCon8 - SubSeven Muie - Ttfloader\
” disabled=no dst-port=27374 protocol=tcp
add action=drop chain=tcp-viruses comment=VoiceSpy disabled=no dst-port=26681 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Moonpie disabled=no dst-port=25982 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Moonpie disabled=no dst-port=\
25685-25686 protocol=tcp
add action=drop chain=tcp-viruses comment=Infector disabled=no dst-port=24000 \
protocol=tcp
add action=drop chain=tcp-viruses comment=InetSpy disabled=no dst-port=23777 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Evil FTP - Ugly FTP - Whack Job” \
disabled=no dst-port=23456 protocol=tcp
add action=drop chain=tcp-viruses comment=Asylum disabled=no dst-port=23432 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Amanda disabled=no dst-port=23032 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Logged disabled=no dst-port=23232 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Girl friend - Kid Error” disabled=\
no dst-port=21544 protocol=tcp
add action=drop chain=tcp-viruses comment=”VP killer” disabled=no dst-port=\
20023 protocol=tcp
add action=drop chain=tcp-viruses comment=Mosucker disabled=no dst-port=20005 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”ICQ Revenge” disabled=no dst-port=\
19864 protocol=tcp
add action=drop chain=tcp-viruses comment=Nephron disabled=no dst-port=17777 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Audiodoor disabled=no dst-port=\
17593 protocol=tcp
add action=drop chain=tcp-viruses comment=Infector disabled=no dst-port=17569 \
protocol=tcp
add action=drop chain=tcp-viruses comment=CrazzyNet disabled=no dst-port=\
17499-17500 protocol=tcp
add action=drop chain=tcp-viruses comment=KidTerror disabled=no dst-port=\
17449 protocol=tcp
add action=drop chain=tcp-viruses comment=Mosaic disabled=no dst-port=17166 \
protocol=tcp
add action=drop chain=tcp-viruses comment=Priority disabled=no dst-port=16969 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”ICQ Revenge” disabled=no dst-port=\
16772 protocol=tcp
add action=drop chain=tcp-viruses comment=CDK disabled=no dst-port=15858 \
protocol=tcp
add action=drop chain=tcp-viruses comment=SubZero disabled=no dst-port=15382 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Host Control” disabled=no \
dst-port=15092 protocol=tcp
add action=drop chain=tcp-viruses comment=NetDemon disabled=no dst-port=15000 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”PC Invader” disabled=no dst-port=\
14500-14503 protocol=tcp
add action=drop chain=tcp-viruses comment=Chupacabra disabled=no dst-port=\
13473 protocol=tcp
add action=drop chain=tcp-viruses comment=”Hack ‘99 KeyLogger” disabled=no \
dst-port=13223 protocol=tcp
add action=drop chain=tcp-viruses comment=PsychWard disabled=no dst-port=\
13013-13014 protocol=tcp
add action=drop chain=tcp-viruses comment=”Hacker Brasil - HBR” disabled=no \
dst-port=13010 protocol=tcp
add action=drop chain=tcp-viruses comment=Buttman disabled=no dst-port=12624 \
protocol=tcp
add action=drop chain=tcp-viruses comment=BioNet disabled=no dst-port=12349 \
protocol=tcp
add action=drop chain=tcp-viruses comment=”Host Control” disabled=no \
dst-port=10528 protocol=tcp
add action=drop chain=tcp-viruses comment=Syphilis disabled=no dst-port=\
10085-10086 protocol=tcp
add action=drop chain=tcp-viruses comment=DigitalRootbeer disabled=no \
dst-port=2600 protocol=tcp
add action=drop chain=tcp-viruses comment=”Doly Trojan” disabled=no dst-port=\
2345 protocol=tcp
add action=return chain=tcp-viruses comment=”Back to previous menu” disabled=\
no
add action=drop chain=udp-viruses comment=”Socks Des Troie, Death” disabled=\
no dst-port=1 protocol=udp
add action=drop chain=udp-viruses comment=”Netbios - DoS attacks msinit” \
disabled=no dst-port=135-139 protocol=udp
add action=drop chain=udp-viruses comment=Infector disabled=no dst-port=146 \
protocol=udp
add action=drop chain=udp-viruses comment=”N0kN0k Trojan” disabled=no \
dst-port=666 protocol=udp
add action=drop chain=udp-viruses comment=\
“Maverick’s Matrix 1.2-2.0 - remote storm” disabled=no dst-port=1025 \
protocol=udp
add action=drop chain=udp-viruses comment=NoBackO disabled=no dst-port=\
1200-1201 protocol=udp
add action=drop chain=udp-viruses comment=”BackOrifice DLL Comm” disabled=no \
dst-port=1349 protocol=udp
add action=drop chain=udp-viruses comment=”FunkProxy ” disabled=no dst-port=\
1505 protocol=udp
add action=drop chain=udp-viruses comment=”ICA Browser” disabled=no dst-port=\
1604 protocol=udp
add action=drop chain=udp-viruses comment=BackDoor.Fearic disabled=no \
dst-port=2000 protocol=udp
add action=drop chain=udp-viruses comment=”Mini Backlash” disabled=no \
dst-port=2130 protocol=udp
add action=drop chain=udp-viruses comment=”Deep Throat” disabled=no dst-port=\
2140 protocol=udp
add action=drop chain=udp-viruses comment=BackDoor.Botex disabled=no \
dst-port=2222 protocol=udp
add action=drop chain=udp-viruses comment=voicespy disabled=no dst-port=2339 \
protocol=udp
add action=drop chain=udp-viruses comment=Rat disabled=no dst-port=2989 \
protocol=udp
add action=drop chain=udp-viruses comment=\
“Deep Throat - Foreplay - Mini Backflash” disabled=no dst-port=3150 \
protocol=udp
add action=drop chain=udp-viruses comment=Backdoor.Fearic disabled=no \
dst-port=3456 protocol=udp
add action=drop chain=udp-viruses comment=Eclypse disabled=no dst-port=3801 \
protocol=udp
add action=drop chain=udp-viruses comment=”WityWorm - BlackICE/ISS” disabled=\
no dst-port=4000 protocol=udp
add action=drop chain=udp-viruses comment=”Remote Shell Trojan” disabled=no \
dst-port=5503 protocol=udp
add action=drop chain=udp-viruses comment=”Y3K RAT” disabled=no dst-port=5882 \
protocol=udp
add action=drop chain=udp-viruses comment=”Y3K RAT” disabled=no dst-port=5888 \
protocol=udp
add action=drop chain=udp-viruses comment=”Mstream Agent-handler” disabled=no \
dst-port=6838 protocol=udp
add action=drop chain=udp-viruses comment=”Unknown Trojan” disabled=no \
dst-port=7028 protocol=udp
add action=drop chain=udp-viruses comment=”Host Control” disabled=no \
dst-port=7424 protocol=udp
add action=drop chain=udp-viruses comment=”MStream handler-agent” disabled=no \
dst-port=7983 protocol=udp
add action=drop chain=udp-viruses comment=”BackOrifice 2000″ disabled=no \
dst-port=8787 protocol=udp
add action=drop chain=udp-viruses comment=”BackOrifice 2000″ disabled=no \
dst-port=8879 protocol=udp
add action=drop chain=udp-viruses comment=”MStream Agent-handler” disabled=no \
dst-port=9325 protocol=udp
add action=drop chain=udp-viruses comment=”Portal of Doom” disabled=no \
dst-port=10067 protocol=udp
add action=drop chain=udp-viruses comment=”Portal of Doom” disabled=no \
dst-port=10167 protocol=udp
add action=drop chain=udp-viruses comment=”Mstream handler-agent” disabled=no \
dst-port=10498 protocol=udp
add action=drop chain=udp-viruses comment=Ambush disabled=no dst-port=10666 \
protocol=udp
add action=drop chain=udp-viruses comment=”DUN Control” disabled=no dst-port=\
12623 protocol=udp
add action=drop chain=udp-viruses comment=”Shaft handler to Agent” disabled=\
no dst-port=18753 protocol=udp
add action=drop chain=udp-viruses comment=”Shaft handler to Agent” disabled=\
no dst-port=20433 protocol=udp
add action=drop chain=udp-viruses comment=GirlFriend disabled=no dst-port=\
21554 protocol=udp
add action=drop chain=udp-viruses comment=”Donald Dick” disabled=no dst-port=\
23476 protocol=udp
add action=drop chain=udp-viruses comment=”Delta Source” disabled=no \
dst-port=26274 protocol=udp
add action=drop chain=udp-viruses comment=”Sub-7 2.1″ disabled=no dst-port=\
27374 protocol=udp
add action=drop chain=udp-viruses comment=Trin00/TFN2K disabled=no dst-port=\
27444 protocol=udp
add action=drop chain=udp-viruses comment=”Sub-7 2.1″ disabled=no dst-port=\
27573 protocol=udp
add action=drop chain=udp-viruses comment=NetSphere disabled=no dst-port=\
30103 protocol=udp
add action=drop chain=udp-viruses comment=\
“More than 3 known worms and trojans use this port” disabled=no dst-port=\
31335-31338 protocol=udp
add action=drop chain=udp-viruses comment=”Hack`a’Tack” disabled=no dst-port=\
31787-31791 protocol=udp
add action=drop chain=udp-viruses comment=”Trin00 for windows” disabled=no \
dst-port=34555 protocol=udp
add action=drop chain=udp-viruses comment=”Trin00 for windows” disabled=no \
dst-port=35555 protocol=udp
add action=drop chain=udp-viruses comment=”Delta Source” disabled=no \
dst-port=47262 protocol=udp
add action=drop chain=udp-viruses comment=”OnLine keyLogger” disabled=no \
dst-port=49301 protocol=udp
add action=drop chain=udp-viruses comment=”Back Orifice” disabled=no \
dst-port=54320-54321 protocol=udp
add action=drop chain=udp-viruses comment=”NetRaider Trojan” disabled=no \
dst-port=57341 protocol=udp
add action=drop chain=udp-viruses comment=”The Traitor - th3tr41t0r” \
disabled=no dst-port=65432 protocol=udp
add action=return chain=udp-viruses comment=”Back to previous menu” disabled=\
no

Untuk mencegah Jaringan LAN dari virus :)  input dan forward nya bisa disesuaikan dengan kebutuhan

add action=jump chain=forward comment=”PREVENT VIRUS COME FROM LOCAL NETWORK” \
disabled=no in-interface=ether-local jump-target=viruses
add action=jump chain=forward comment=\
“PREVENT VIRUS COME FROM PUBLIC INTERNET NETWORK” disabled=no \
in-interface=ether-public jump-target=viruses
add action=jump chain=input comment=”PREVENT VIRUS COME FROM LAN” disabled=no \
in-interface=ether-local jump-target=viruses
add action=jump chain=input comment=”PREVENT VIRUS COME FROM PUBLIC INTERNET” \
disabled=no in-interface=ether-public jump-target=viruses
add action=jump chain=viruses comment=”Jump to handle virus from TCP port” \
disabled=no jump-target=tcp-viruses protocol=tcp
add action=jump chain=viruses comment=”Jump to handle virus from UDP port” \
disabled=no jump-target=udp-viruses protocol=udp
add action=return chain=viruses comment=”Back to previous rules” disabled=no

Related posts:

1. Konfigurasi Dasar Mikrotik Sebagai Gateway Berikut konfigurasi dasar Mikrotik sebagai Gateway. Disini Mikrotik memiliki 2...
2. Setting Speedy Mode Bridge Pada Mikrotik Dengan Modem Astoria Step 1 Step 2 Step 3 Step 4 Step 5...

Related posts brought to you by Yet Another Related Posts Plugin.

Gravatar adalah sebuah layanan di internet yang membantu mengidentifikasi anda saat melakukan komentar atau posting di sebuah blog atau forum web. Identifikasi disini berupa foto/gambar yang akan muncul disamping nama anda, atau banyak juga yang menyebutnya Avatar. Berikut adalah contoh orang yang tidak menggunakan gravatar (lingkaran biru) dengan yang menggunakan gravatar (lingkaran merah) :

Lalu bagaimana cara mendapatkan gravatar ini ? Caranya cukup mudah, yaitu anda tinggal mendaftar di http://www.gravatar.com lalu masukan email pilihan anda. Setelah melakukan konfirmasi, anda langsung dapat mensetting password dan memasukan gambar/foto yang anda inginkan.

Komentar/Posting anda akan diidentifikasi berdasarkan email yang anda pakai untuk membuat gravatar ini, oleh karena itu jangan lupa memasukan alamat email yang benar ketika anda melakukan posting/komentar

Sekian penjelasan gravatar dari saya, semoga bermanfaat.

No related posts.

Step 2

Step 3

Step 4

Step 5

Step 6

Step 7

Step 8

Step 9

Related posts:

1. Blok Port Virus dan Trojan dengan Mikrotik Sumber http://www.forummikrotik.com /ip firewall filter add action=drop chain=tcp-viruses comment=”Socks Des...

Related posts brought to you by Yet Another Related Posts Plugin.

Sudah lama ga nge-blog, kali ini saya akan membahas sebuah filtur dari Nokia yaitu Nokia Email Service yang dikombinasikan dengan Nokia E63. Bagi anda pengguna BlackBerry tentu tidak asing dengan istilah “PushMail”, dengan filtur ini pengguna BlackBerry dapat menerima Email secepat menerima SMS.

Namun tentu kita ketahui harga perangkat cellular BlackBerry ini masih agak sulit terjangkau bagi kita kebanyakan. Selain itu, banyak dari kita juga telah terbiasa dengan cellular bermerk Nokia yang sangat User Friendly penggunaannya. Bagi anda pecinta Nokia, ternyata filtur PushMail juga dapat kita nikmati pada tipe-tipe tertentu seperti Nokia 5320, 5630, 5800, 6220, E51, E61, E61i, E63, E65, E66, E71, E75, E90, N73, N78, N79, N82, N85, N86 8MP, N95, N95 8GB, N96, dan N97.

Langkah-langkah yang perlu anda lakukan adalah :

1. Mendaftarkan Account Email anda di Nokia Email Service
2. Kemudian Server nokia akan mengirimkan anda SMS yang berisi link untuk mendownload applikasi PushMail ke HP anda.
3. Download dan Install Program tersebut.
4. Jalankan programnya dan lakukan koneksi ke internet via GPRS.
5. Kini HP anda siap menerima Email kapanpun juga seperti layaknya SMS selama anda terkoneksi dengan internet.

No related posts.

http://wordpress.org/extend/plugins/wordpress-mobile-edition/

Kini AgungSetiawan.web.id juga sudah dapat diakses secara mobile, tampilannya lebih kompak dan ciamik di HP kamu !

No related posts.

Kini (14 tahun kemudian) , Indonesia sudah memiliki infrastruktur yang jauh lebih baik seiring dengan munculnya era Broadband Internet. Bahkan di ibukota dan di beberapa kota besar di Indonesia, kita sudah dapat memperoleh produk akses internet kecepatan tinggi sebesar 3 Mbps untuk akses rumahan. Namun bagaimanakah realitas yang sebenarnya ? Apakah Akses internet di Indonesia sudah sebagus dengan harapannya ?

Berawal dari situ, saya berniat menguji beberapa akses internet dari ISP di Indonesia, khususnya yang telah terkoneksi di rumah saya . Tes dilakukan pada pukul 00.30 - 01.00 . Berikut hasilnya :

• Telkom Speedy Unlimited Office - Up to 1 Mbps

• First Media - Fastnet - Up to 768 kbps

• IM2 Broom Unlimited - Up to 256 kbps (Quota 3.5 GB)

• IM2 Broom Community

• Esia Wimode

• Tachyon.net (PT.Remala Abadi) - IIX Only 1 Mbps

Perbandingan harganya adalah :

1. Telkom Speedy Unlimited Office : Rp 750.000/bulan (w/o tax)
2. First Media - Fastnet 768 : Rp 300.000/bulan (w/o tax)
3. IM2 Broom Unlimited : Rp 125.000/bulan (prepaid)
4. IM2 Broom Community : Rp 100.000 (Kuota 200MB)
5. Esia Wimode: Rp 100/menit (w/o tax)
6. Tachyon.net : Rp 1.000.000/bulan (IIX only 1 Mbps)

Sekian hasil review dari saya, semoga di hari kedepan saya dapat menambahkan beberapa provider lain seperti Telkom Flash, XL 3G, dan JUMP.

Related posts:

1. VoIP untuk Telekomunikasi Murah Tahukah anda tentang VoIP ? VoIP adalah kependekan dari Voice...
2. Speedy Upgrade Up To 1 Mbps Sejak bulan Mei tahun 2008, telkom speedy mulai membuat gebrakan...
3. 15 Hari bersama FastNEt ! Hari ini adalah hari ke 15 saya menggunakan layanan provider...

Related posts brought to you by Yet Another Related Posts Plugin.

Di era digital sekarang ini, semua hal dapat dilakukan secara remote alias dari jarak jauh. Hal yang paling sederhana adalah ketika anda ingin mengambil uang di mesin ATM, uang yang anda tabung disebuah bank kini dapat anda ambil dimanapun anda berada hanya dengan sebuah kartu ATM.

Sayapun dalam sehari-hari telah memanfaatkan jaringan internet dan intranet untuk memonitor bisnis warnet yang saya kelola. Sehingga dimanapun saya berada, baik itu di kampus ataupun sedang ngopi-ngopi di J-Co, saya dapat melihat warnet saya dari jarak jauh hanya melalui sebuah Laptop yang selalu saya tenteng kemana-mana. Aplikasi yang kini saya gunakan untuk mengendalikan komputer warnet adalah Radmin.

Radmin adalah sebuah program Remote Desktop untuk sistem operasi Microsoft Windows. Sebenarnya Windows juga memiliki aplikasi Remote Desktop internal, namun filturnya tidak selengkap Radmin.Berikut adalah langkah-langkah instalasi Radmin pada komputer yang ingin anda kendalikan :

Langkah pertama adalah instalasi program Radmin Server pada komputer yang ingin dikendalikan.

Mulailah instalasi dengan klik tombol Next.

Kemudian klik Radio Button I Accept… lalu Klik Next.

Oke, Sekarang sudah siap untuk menekan tombol Install

Klik tombol finish, instalasi selesai, dilanjutkan konfigurasi.

Untuk memulai konfigurasi, klik tombol Permissions.

Pilihlah Radio Button Radmin security, lalu klik tombol Permission

Setelah itu klik tombol add user untuk memasukan user akses.

Masukan User name dan password yang anda inginkan.

Setelah Radmin user anda terdaftar, klik tombol Allow pada All Access, kemudian Ok.

Setelah konfigurasi selesai, Klik tombol Ok, diikuti klik tombol Exit.

Sampai disini instalasi program Radmin Server pada komputer yang ingin dikendalikan sudah selesai.

Tahap selanjutnya adalah mengkonfigurasi Firewall pada komputer tersebut.

Masuklah kedalam Control Panel melalui Menu Start - Settings - Control Panel.

Berikutnya, Pilihlah Icon Windows Firewall yang berada dalam pilihan Control Panel.

Pada Jendela Windows Firewall Klik pada Tab Exception, dilanjutkan dengan Klik pada Add Port.

Masukanlah pada kotak Nama dengan “radmin” dan pada kotak port number dengan “4899″ , kemudian klik tombol Ok.

Setelah program radmin anda masuk kedalam list exception, klik tombol Ok.

Langkah konfigurasi firewall telah selesai, sekarang kita lanjutkan pada tahap akhir yaitu menginstalasi program Radmin Viewer pada komputer anda.

Downloadlah program Radmin Viewer versi portabel yang disediakan pada situs Radmin, extraklah file tersebut, dan jalankan program Radmin.exe.

Lakukan double click pada aplikasi Radmin.exe

Setelah program terbuka, lakukan konfigurasi awal dengan melakukan klik pada tombol Add New Connection.

Masukan nama PC yang ingin anda kendalikan dari jauh, dan isi juga IP address PC tersebut, kemudian klik tombol Ok.

Setelah semua selesai, double click pada gambar PC yang ingin anda kendalikan.

Masukan User Name dan Password yang telah anda buat sebelumnya.

Kini akses penuh komputer tersebut berada di tangan anda. Enjoyed !

Untuk mengendalikan komputer melalui internet, anda wajib memiliki akses internet dengan IP publik seperti yang digunakan Speedy. Dengan melakukan setting Modem pada mode “Bridge” anda dapat mengakses langsung komputer anda dari manapun, selama ada akses internet.

Sekian tulisan saya kali ini .

Related posts:

1. Mengkonvert DVD ke Avi Malam ini saya mendapat sebuah telpon dari seorang teman. Dia...
2. Menjalankan Microsoft Office di Linux Masih asingnya penggunaan Linux di masyarakat Indonesia, membuat mereka seringkali...
3. IE 7 di WinXP bajakan ? Saya sangat kesal saat ingin menginstall IE7 di windows XP...

Related posts brought to you by Yet Another Related Posts Plugin.

Dokter gigi yang satu ini cukup elit karena prakteknya berada disebuah hotel berbintang 5 Jakarta. Namun tentu bukan itu yang ingin saya bahas, karena blog ini adalah blog teknologi, bukan ajang curhat

Oke kita lanjutkan, didepan praktek dokter gigi ini terdapat sebuah lobby dan karena sang dokter sedang makan siang, akhirnya saya menunggu di lobby tersebut sembari menyalakan EEE PC dengan tujuan mencari signal wifi.

Tidak lama akhirnya saya berhasil terkoneksi dengan salah satu akses point di lobby tersebut. Langsung saja saya jalankan mozilla firefox untuk memulai browsing, namun ternyata saya tidak dapat mengaksesnya dengan gratis karena terproteksi sebuah passoword.

Pandangan saya langsung terarah pada tarif yang tertera pada halaman login.Dan mata saya langsung terbelalak ketika melihat tarif akses internet per jam di hotel tersebut :

Ya..anda tidak salah melihat. Rp 102.366 / jam . Ini adalah tarif internet termahal yang pernah saya lihat sepanjang hidup saya.

Belum hilang shock akibat tarif internet yang selangit, seorang pramuniaga tiba-tiba datang dan menyodorkan menu minuman. Tebak apa yang saya lihat : Segelas coca-cola berharga Rp 35.000 dan itu adalah menu termurah diantara yang lain. Dan jangan lupa itu belum termasuk tax 21% . Akhirnya saya hanya bisa berkata “maaf mas, ga jadi deh, mahal sekali…”

Tidak bisa saya bayangkan berapa penghasilan orang yang menginap di hotel ini. Akhir kata saya cuma mau berkomentar : meskipun anda termasuk orang yg berduit, saya rasa kedua harga tersebut tetap tidak rasional..hehe.

Oh ya sekedar anda tahu, apabila anda menghadapi proteksi hotspot yang seperti ini anda dapat mengakalinya dengan DNS atau ICMP tunneling. Lain kali kita akan bahas kedua hal tersebut untuk mendapatkan free Hotspot .

Related posts:

1. Menjebol Proteksi HotSpot Hari gini internet kabel ? Seperti kita ketahui, HotSPOT atau...

Related posts brought to you by Yet Another Related Posts Plugin.

Kemudian saya pun berpaling pada Asus EEE PC 4G karena memiliki slot RAM yang tidak tersolder pada board, sehingga dapat diupgrade hingga 2 GB. Setelah berjalan cukup jauh, akhirnya saya menemukan EEE PC tipe tersebut dengan harga 3,7 juta rupiah. Saya pun jatuh hati, meskipun SSD nya tetap tidak dapat diupgrade, namun saya punya pertimbangan dapat menggunakan Memori SDHC sebagai tambahan space, selain itu juga masih dapat menggunakan flash disk dan harddisk external.

Sebenarnya tipe yang lebih bagus lagi adalah tipe 8G yang memungkinkan SSD nya untuk diupgrade, namun lagi-lagi harganya terpaut jauh 1 juta rupiah dari tipe 4G (sekitar 4,7 Juta rupiah) .

Adapun tipe terbaru dari EEE PC yang saya temui di mangga dua adalah EEE PC tipe 900, namun harganya mulai tidak masuk akal yaitu sekitar 5,7 juta rupiah (terpaut 1 juta rupiah dengan EEE PC 8G) . Salah satu kelebihan dari EEE PC 900 adalah layarnya yang lebih lebar (8.9 inc) sehingga mampu menampilkan resolusi gambar yang lebih baik.Selain itu tipe 900 juga memiliki 2 SSD yaitu SSD internal (4GB) dan juga SSD removable (8 GB atau 16GB) . Untuk jelasnya, spesifikasi semua tipe Asus EEE PC dapat anda lihat di wikipedia.

Setelah memakainya 1 minggu akhirnya saya dapat menyimpulkan beberapa hal dari Asus EEE PC 4G yang telah saya beli.

1. Wireless Adapter internalnya berfungsi sangat baik. Dengan chip atheros, jangkauan signal yang dapat ditangkapnya jauh lebih baik dari pada card PCMCIA Dlink DWL-G630 dan TP Link WN610G yang saya miliki.
2. Baterainya mampu beroperasi 2 jam dengan kondisi browsing dengan wifi tanpa menyalakan suara (dengan mp3 atau sebagainya).
3. Lumayan cepat untuk kebutuhan surfing dan office, meskipun clock rate prosesornya di downclock menjadi 630 mhz, dan ram yang disediakan hanya 512 MB.
4. Layarnya yang hanya 7 inc kurang nyaman, terutama jika terdapat aplikasi yang menggunakan window yang besar.
5. Distro Linux bawaan dari Asus EEE PC 4G tidak dapat mendeteksi Access point dengan enkripsi WPA2 secara default.

Ya..sekian review yang saya lakukan selama seminggu menggunakan Asus EEE Pc dengan OS Windows XP Proffesional SP 2. Artikel ini akan terus saya update sembari saya menggunakan Asus EEE PC. Semoga tulisan ini bisa menjadi referensi anda sebelum membeli Asus EEE PC,

No related posts.

Apakah itu metasploit ? Sulitkah menggunakannnya ?

Untuk memberikan gambaran dan mempermudah penjelasan, saya akan memberikan contoh bug pada service DCOM Windows yang dulu sangat populer diexploitasi dengan script exploit : KAHT .

Berikut alat-alat praktek yang kita butuhkan pada percobaan kali ini :

1. Sebuah PC yang cukup bertenaga untuk virtualisasi PC.

2. Metasploit Framework, dapat di download disini.

3. Microsoft Windows NT SP3-6a/2000/XP/2003 yang memiliki bug pada service DCOM.

4. Vmware, dapat di download disini.

Vmware disini digunakan untuk membuat virtualisasi jaringan komputer, sehingga memudahkan anda yang hanya memiliki 1 PC saja dirumah.

Saya akan melompati langkah-langkah menginstall VMware dan juga cara menginstall Windows di VMware, sebab apabila anda tidak mengerti hal tersebut, kemungkinan besar anda juga tidak akan paham yang kita bahas disini.

Sebagai permulaan kita akan memulai dengan mengenal lebih dekat Metasploit Framework. Pada situs pembuatnya dipaparkan secara gamblang tentang apa itu Metasploit framework, dan juga tujuan penggunaannya :

What is it?

The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

What does it do?

The framework consists of tools, libraries, modules, and user interfaces. The basic function of the framework is a module launcher, allowing the user to configure an exploit module and launch it at a target system. If the exploit succeeds, the payload is executed on the target and the user is provided with a shell to interact with the payload.

Semuanya saya biarkan tertulis dalam bahasa orang bule sebab ada kata-kata yang tidak pas atau tidak bisa dipadankan bila diterjemahkan dalam Bahasa Indonesia.

Selanjutnya untuk lebih jauh tentang exploit maupun bug pada DCOM service dapat anda search sendiri di google, sebab terlalu panjang jika saya jelaskan disini.

Sekarang mari kita ngoprek komputer !

Langkah pertama adalah download Vmware dari situsnya, lalu anda dapat mulai menginstall Windows yang memiliki bug DCOM, kemudian jalankan windows anda di VMware !

Langkah kedua adalah download Metasploit Framework dari situsnya. Lalu install dikomputer anda dan jalankan, hingga keluar tampilan seperti berikut :

Kemudian pada kotak search ketikan dcom, lalu klik Find, dan pilihlah Exploits Microsoft RPC DCOM Interface Overflow.

Setelah itu kita memilih target yang akan kita exploitasi, dalam kasus kali ini Sistem Operasi target kita adalah Windows XP home, oleh karena itu pilihlah yang sesuai, lalu klik Forward :

Kemudian kita dihadapkan pada pilihan payload. Payload adalah sebuah aksi yang dilakukan setelah bug berhasil di exploitasi oleh Metasploit. Untuk pembelajaran, kita pilih Generic/Shell_Bind_TCP , artinya kita akan mengambil alih Shell Bind atau lebih dikenal di lingkungan windows dengan Command Prompt dari target hacking kita. Setelah itu klik Forward.

Langkah berikutnya kita harus menentukan Target Address kita, disini saya telah mengkonfigurasi Windows XP Home di Vmware dengan IP 192.168.126.132, oleh karena itu tuliskan ip tersebut pada kolom RHOST. Sedangkan RPORT disini sudah ditentukan yaitu port 135 yang merupakan port default dari service DCOM dimana secara default dibuka oleh Windows XP Home ! Wah, berbahaya sekali yah… Untuk LPORT disini juga sudah ditentukan yaitu 4444, Local Port akan membuka sebuah port di PC anda untuk berhubungan dengan komputer target. Selanjutnya klik Forward .

Setelah semua konfigurasi selesai, anda akan mendapatkan pesan konfirmasi seperti berikut, jika anda yakin semuanya telah benar,lanjutkan dengan klik Apply.

Jika target berhasil terexploitasi, anda akan mendapatkan sebuah session yang berisi target hacking kita dan siap untuk di double klik.

Kemudian anda akan mendapati sebuah layar Command Prompt dari komputer target dan anda sebagai Administrator. Jika sudah begini semua terserah anda, jangan tanyakan apa yang bisa dilakukan selanjutnya.Dan selesailah tutorial hacking kali ini Mudah bukan ?

Related posts:

1. Nostalgia dengan Windows 3.1 Ingatkah anda akan wajah dari Windows 3.1 ? Bagi anak...

Related posts brought to you by Yet Another Related Posts Plugin.