Daftar Blokir Port Virus dan Worm Mikrotik

Terminal
Terminal

Jika anda menggunakan MiKroTik dalam jaringan, ada baiknya menambahkan script berikut untuk memblokir beberapa akses port yang sering digunakan virus dan worm. Sebenarnya script berikut merupakan gabungan dua buah script, yaitu dari halaman resmi MiKrotik : Protecting your Customers dengan script lain yang khusus menampilkan daftar port yang harus ditutup.

Yang perlu diperhatikan adalah bagi game center atau warnet dengan game online, ada beberapa port game online yang akan ikut terblokir. Tetapi dapat diatasi dengan menambahkan di pengecualian, dengan menambahkan ip address game online tersebut kedalam Address-List. Kemudian ditambahkan ke port yang diblokir sebagai pengecualian pada dst-address.
Daftar port yang perlu diperhatikan dapat anda lihat di bawah ini, silahkan copas-enter melalui telnet dan anda dapat melihat hasilnya melalui Winbox.

/ip firewall filter 
add chain=virus protocol=tcp dst-port=1 action=drop comment="Breach.2001, SocketsDeTroie.230, SocketsDeTroie.250" 
add chain=virus protocol=tcp dst-port=25 action=drop comment="Aji, Antigen, Email Password Sender, Email Worms, Gip, Happy99/Ska, Haebu Coceda, Loveletter, Kuang2, Magic Horse, Moscow Email Trojan, Neabi, ProMail trojan, NewApt, Shtrilitz, Stealth, Taripas, Terminator" disabled=yes 
add chain=virus protocol=tcp dst-port=28 action=drop comment="Amanda.200" 
add chain=virus protocol=tcp dst-port=31 action=drop comment="MastersParadise.920" 
add chain=virus protocol=tcp dst-port=68 action=drop comment="Subseven.100" 
add chain=virus protocol=tcp dst-port=135-139 action=drop comment="Blaster Worm" disabled=no 
add chain=virus protocol=tcp dst-port=142 action=drop comment="NetTaxi.180" 
add chain=virus protocol=tcp dst-port=146 action=drop comment="Infector.141, Intruder.100, Intruder.100" 
add chain=virus protocol=tcp dst-port=171 action=drop comment="ATrojan.200" 
add chain=virus protocol=tcp dst-port=285-286 action=drop comment="WCTrojan.100" 
add chain=virus protocol=tcp dst-port=334 action=drop comment="Backage.310" 
add chain=virus protocol=tcp dst-port=370 action=drop comment="NeuroticKat.120, NeuroticKat.130" 
add chain=virus protocol=tcp dst-port=413 action=drop comment="Coma.109" 
add chain=virus protocol=tcp dst-port=420 action=drop comment="Breach.450" 
add chain=virus protocol=tcp dst-port=445 action=drop comment="Blaster Worm" disabled=no 
add chain=virus protocol=tcp dst-port=555 action=drop comment="Id2001.100, PhaseZero.100, StealthSpy.100" 
add chain=virus protocol=tcp dst-port=593 action=drop comment="________" disabled=no 
add chain=virus protocol=tcp dst-port=623 action=drop comment="Rtb666.160" 
add chain=virus protocol=tcp dst-port=660 action=drop comment="Zaratustra.100" 
add chain=virus protocol=tcp dst-port=661 action=drop comment="Noknok.800, Noknok.820" 
add chain=virus protocol=tcp dst-port=666 action=drop comment="BackConstruction.210, BackConstruction.250, Bla.100, Bla.200, Bla.400, Bla.503, Cain.150, Dimbus.100, Noknok.820, Ripper.100, SatansBackdoor.100, SatansBackdoor.101, SatansBackdoor.102, Unicorn.100, Unicorn.101, Unicorn.110" 
add chain=virus protocol=tcp dst-port=667 action=drop comment="SniperNet.210, Snipernet.220" 
add chain=virus protocol=tcp dst-port=668 action=drop comment="Unicorn.101, Unicorn.110" 
add chain=virus protocol=tcp dst-port=680 action=drop comment="Rtb666.160" 
add chain=virus protocol=tcp dst-port=777 action=drop comment="Tiny.100, Undetected.230, Undetected.300, Undetected.310, Undetected.320, Undetected.330, Undetected.331, Undetected.332" 
add chain=virus protocol=tcp dst-port=785 action=drop comment="NetworkTerrorist.100" 
add chain=virus protocol=tcp dst-port=800 action=drop comment="NeuroticKitten.010" 
add chain=virus protocol=tcp dst-port=831 action=drop comment="NeuroticKat.100, NeuroticKat.120, NeuroticKat.130" 
add chain=virus protocol=tcp dst-port=901 action=drop comment="NetDevil.130, NetDevil.140" 
add chain=virus protocol=tcp dst-port=1000 action=drop comment="DerSpaeher.200" 
add chain=virus protocol=tcp dst-port=1001 action=drop comment="Silencer.100" 
add chain=virus protocol=tcp dst-port=1008 action=drop comment="AutoSpy.100" 
add chain=virus protocol=tcp dst-port=1010 action=drop comment="DerSpaeher.200" 
add chain=virus protocol=tcp dst-port=1015 action=drop comment="Doly.150" 
add chain=virus protocol=tcp dst-port=1111 action=drop comment="TPort.100" 
add chain=virus protocol=tcp dst-port=1024-1029 action=drop comment="________" disabled=no 
add chain=virus protocol=tcp dst-port=1080 action=drop comment="MyDoom" disabled=no 
add chain=virus protocol=tcp dst-port=1130 action=drop comment="Noknok.800, Noknok.820" 
add chain=virus protocol=tcp dst-port=1207 action=drop comment="SoftWAR.100" 
add chain=virus protocol=tcp dst-port=1214 action=drop comment="________" disabled=no 
add chain=virus protocol=tcp dst-port=1243 action=drop comment="Subseven.100, SubSeven.110, SubSeven.180, SubSeven.190, Subseven.200" 
add chain=virus protocol=tcp dst-port=1245 action=drop comment="VoodooDoll.006" 
add chain=virus protocol=tcp dst-port=1269 action=drop comment="Matrix.130" 
add chain=virus protocol=tcp dst-port=1433-1434 action=drop comment="Worm" disabled=no 
add chain=virus protocol=tcp dst-port=1363 action=drop comment="ndm requester" disabled=no 
add chain=virus protocol=tcp dst-port=1364 action=drop comment="ndm server" disabled=no 
add chain=virus protocol=tcp dst-port=1368 action=drop comment="screen cast" disabled=no 
add chain=virus protocol=tcp dst-port=1373 action=drop comment="hromgrafx" disabled=no 
add chain=virus protocol=tcp dst-port=1377 action=drop comment="cichlid" disabled=no 
add chain=virus protocol=tcp dst-port=1480 action=drop comment="RemoteHack.130" 
add chain=virus protocol=tcp dst-port=1568 action=drop comment="RemoteHack.100, RemoteHack.110" add chain=virus protocol=tcp dst-port=1600-1602 action=drop comment="DirectConnection.100" 
add chain=virus protocol=tcp dst-port=1634 action=drop comment="NetCrack.100" 
add chain=virus protocol=tcp dst-port=1784 action=drop comment="Snid.120, Snid.212" 
add chain=virus protocol=tcp dst-port=1999 action=drop comment="TransmissionScout.100, TransmissionScout.110" 
add chain=virus protocol=tcp dst-port=2000 action=drop comment="ATrojan.200, InsaneNetwork.400" 
add chain=virus protocol=tcp dst-port=2001 action=drop comment="DIRT.220, TrojanCow.100" 
add chain=virus protocol=tcp dst-port=2003 action=drop comment="TransmissionScout.100, TransmissionScout.110" 
add chain=virus protocol=tcp dst-port=2023 action=drop comment="RipperPro.100" 
add chain=virus protocol=tcp dst-port=2040 action=drop comment="InfernoUploader.100" 
add chain=virus protocol=tcp dst-port=2115 action=drop comment="Bugs.100" 
add chain=virus protocol=tcp dst-port=2140 action=drop comment="DeepThroat.100, DeepThroat.200, DeepThroat.310" 
add chain=virus protocol=tcp dst-port=2283 action=drop comment="Dumaru.Y" disabled=no 
add chain=virus protocol=tcp dst-port=2332 action=drop comment="SilentSpy.202" 
add chain=virus protocol=tcp dst-port=2535 action=drop comment="Beagle" disabled=no 
add chain=virus protocol=tcp dst-port=2589 action=drop comment="Dagger.140" 
add chain=virus protocol=tcp dst-port=2600 action=drop comment="DigitalRootbeer.100" 
add chain=virus protocol=tcp dst-port=2745 action=drop comment="Bagle Virus" disabled=no 
add chain=virus protocol=tcp dst-port=2745 action=drop comment="Beagle.C-K" disabled=no 
add chain=virus protocol=tcp dst-port=2989 action=drop comment="Rat.200" 
add chain=virus protocol=tcp dst-port=3127 action=drop comment="MyDoom" disabled=no 
add chain=virus protocol=tcp dst-port=3128 action=drop comment="MastersParadise.970" 
add chain=virus protocol=tcp dst-port=3129 action=drop comment="MastersParadise.920, MastersParadise.970" 
add chain=virus protocol=tcp dst-port=3150 action=drop comment="DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110" 
add chain=virus protocol=tcp dst-port=3215 action=drop comment="BlackStar.100, Ghost.230" 
add chain=virus protocol=tcp dst-port=3333 action=drop comment="Daodan.123" 
add chain=virus protocol=tcp dst-port=3410 action=drop comment="Backdoor optixPro" disabled=no 
add chain=virus protocol=tcp dst-port=3410 action=drop comment="OptixPro.100, OptixPro.110" 
add chain=virus protocol=tcp dst-port=3456 action=drop comment="Force.155, TerrorTrojan.100" 
add chain=virus protocol=tcp dst-port=3505 action=drop comment="AutoSpy.130, AutoSpy.140" 
add chain=virus protocol=tcp dst-port=3586 action=drop comment="Snid.120, Snid.212" 
add chain=virus protocol=tcp dst-port=3700 action=drop comment="PortalOfDoom.100" 
add chain=virus protocol=tcp dst-port=3723 action=drop comment="Mantis.100" 
add chain=virus protocol=tcp dst-port=3800 action=drop comment="Eclypse.100" 
add chain=virus protocol=tcp dst-port=3996 action=drop comment="RemoteAnything.364" 
add chain=virus protocol=tcp dst-port=4000 action=drop comment="SkyDance.220, SkyDance.229" 
add chain=virus protocol=tcp dst-port=4201 action=drop comment="Wartrojan.160, Wartrojan.200" 
add chain=virus protocol=tcp dst-port=4225 action=drop comment="SilentSpy.202" 
add chain=virus protocol=tcp dst-port=4321 action=drop comment="Bobo.100" 
add chain=virus protocol=tcp dst-port=4444 action=drop comment="Worm" disabled=no 
add chain=virus protocol=tcp dst-port=4444 action=drop comment="AlexTrojan.200, Crackdown.100" 
add chain=virus protocol=tcp dst-port=4488 action=drop comment="EventHorizon.100" 
add chain=virus protocol=tcp dst-port=4523 action=drop comment="Celine.100" 
add chain=virus protocol=tcp dst-port=4545 action=drop comment="InternalRevise.100, RemoteRevise.150" 
add chain=virus protocol=tcp dst-port=4567 action=drop comment="FileNail.100" 
add chain=virus protocol=tcp dst-port=4666 action=drop comment="Mneah.100" 
add chain=virus protocol=tcp dst-port=4691 action=drop comment="Confiker" 
add chain=virus protocol=tcp dst-port=4950 action=drop comment="ICQTrojan.100" 
add chain=virus protocol=tcp dst-port=5005 action=drop comment="Aladino.060" 
add chain=virus protocol=tcp dst-port=5025 action=drop comment="Keylogger.WMRemote.100" 
add chain=virus protocol=tcp dst-port=5031 action=drop comment="NetMetro.104" 
add chain=virus protocol=tcp dst-port=5032 action=drop comment="NetMetro.104" 
add chain=virus protocol=tcp dst-port=5033 action=drop comment="NetMetro.104" 
add chain=virus protocol=tcp dst-port=5050 action=drop comment="RoxRat.100" 
add chain=virus protocol=tcp dst-port=5151 action=drop comment="OptixLite.020, OptixLite.030, OptixLite.040" 
add chain=virus protocol=tcp dst-port=5190 action=drop comment="MBomber.100" 
add chain=virus protocol=tcp dst-port=5277 action=drop comment="WinShell.400" 
add chain=virus protocol=tcp dst-port=5343 action=drop comment="WCRat.100" 
add chain=virus protocol=tcp dst-port=5400 action=drop comment="BackConstruction.120, BackConstruction.150, BladeRunner.080, DeepThroat.300" 
add chain=virus protocol=tcp dst-port=5401 action=drop comment="BackConstruction.120, BackConstruction.150, BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100" 
add chain=virus protocol=tcp dst-port=5402 action=drop comment="BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100" 
add chain=virus protocol=tcp dst-port=5534 action=drop comment="TheFlu.100" 
add chain=virus protocol=tcp dst-port=5550 action=drop comment="XTCP.200, XTCP.201" 
add chain=virus protocol=tcp dst-port=5554 action=drop comment="Sasser" disabled=no 
add chain=virus protocol=tcp dst-port=5555 action=drop comment="Noxcape.100, Noxcape.200" 
add chain=virus protocol=tcp dst-port=5695 action=drop comment="Assassin.100" 
add chain=virus protocol=tcp dst-port=5714 action=drop comment="WinCrash.100" 
add chain=virus protocol=tcp dst-port=5741 action=drop comment="WinCrash.100" 
add chain=virus protocol=tcp dst-port=5742 action=drop comment="WinCrash.103" 
add chain=virus protocol=tcp dst-port=5802 action=drop comment="Y3KRat.160" 
add chain=virus protocol=tcp dst-port=5810 action=drop comment="Y3KRat.160" 
add chain=virus protocol=tcp dst-port=5838 action=drop comment="Y3KRat.170" 
add chain=virus protocol=tcp dst-port=5858 action=drop comment="Y3KRat.110, Y3KRat.120, Y3KRat.140" 
add chain=virus protocol=tcp dst-port=5880 action=drop comment="Y3KRat.140" 
add chain=virus protocol=tcp dst-port=5881 action=drop comment="Y3KRat.110, Y3KRat.120, Y3KRat.140" 
add chain=virus protocol=tcp dst-port=5882 action=drop comment="Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150" 
add chain=virus protocol=tcp dst-port=5883 action=drop comment="Y3KRat.110, Y3KRat.140" 
add chain=virus protocol=tcp dst-port=5884 action=drop comment="Y3KRat.140, Y3KRat.150" 
add chain=virus protocol=tcp dst-port=5885 action=drop comment="Y3KRat.110, Y3KRat.120, Y3KRat.140" 
add chain=virus protocol=tcp dst-port=5886 action=drop comment="Y3KRat.120, Y3KRat.140" 
add chain=virus protocol=tcp dst-port=5887 action=drop comment="Y3KRat.110, Y3KRat.120, Y3KRat.140" 
add chain=virus protocol=tcp dst-port=5888 action=drop comment="Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150" 
add chain=virus protocol=tcp dst-port=5889 action=drop comment="Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150" 
add chain=virus protocol=tcp dst-port=5890 action=drop comment="Y3KRat.140" 
add chain=virus protocol=tcp dst-port=5933 action=drop comment="Confiker" 
add chain=virus protocol=tcp dst-port=6400 action=drop comment="Thething.100, Thething.150" 
add chain=virus protocol=tcp dst-port=6556 action=drop comment="AutoSpy.120, AutoSpy.122" 
add chain=virus protocol=tcp dst-port=6655 action=drop comment="Aqua.020" add chain=virus protocol=tcp dst-port=6660 action=drop comment="LameSpy.095" 
add chain=virus protocol=tcp dst-port=6666 action=drop comment="LameRemote.100, ProjectMayhem.100" 
add chain=virus protocol=tcp dst-port=6669 action=drop comment="Vampire.100" 
add chain=virus protocol=tcp dst-port=6670 action=drop comment="DeepThroat.200, DeepThroat.210" 
add chain=virus protocol=tcp dst-port=6671 action=drop comment="DeepThroat.310" 
add chain=virus protocol=tcp dst-port=6699 action=drop comment="HostControl.101" 
add chain=virus protocol=tcp dst-port=6711 action=drop comment="DeepThroat.300, Noknok.820, SubSeven.180, SubSeven.190" 
add chain=virus protocol=tcp dst-port=6712 action=drop comment="Subseven.100" 
add chain=virus protocol=tcp dst-port=6713 action=drop comment="Subseven.100" 
add chain=virus protocol=tcp dst-port=6767 action=drop comment="NTRC.120" 
add chain=virus protocol=tcp dst-port=6776 action=drop comment="SubSeven.180, SubSeven.190, Subseven.200" 
add chain=virus protocol=tcp dst-port=6789 action=drop comment="Doly.200" 
add chain=virus protocol=tcp dst-port=6796 action=drop comment="SubSeven.214" 
add chain=virus protocol=tcp dst-port=6912 action=drop comment="ShitHeep.100" 
add chain=virus protocol=tcp dst-port=6939 action=drop comment="Indoctrination.100" 
add chain=virus protocol=tcp dst-port=6953 action=drop comment="Lithium.100" 
add chain=virus protocol=tcp dst-port=6969 action=drop comment="2000Cracks.100, Bigorna.100, Danton.110, Danton.210, Danton.220, Danton.310, Danton.320, Danton.330, GateCrasher.110, NetController.108, Sparta.110, VagrNocker.120" 
add chain=virus protocol=tcp dst-port=6970 action=drop comment="Danton.330" 
add chain=virus protocol=tcp dst-port=7001 action=drop comment="Freak88.100" 
add chain=virus protocol=tcp dst-port=7119 action=drop comment="Massaker.100" 
add chain=virus protocol=tcp dst-port=7200 action=drop comment="Massaker.110" 
add chain=virus protocol=tcp dst-port=7300 action=drop comment="Coced.221" 
add chain=virus protocol=tcp dst-port=7301 action=drop comment="Coced.221" 
add chain=virus protocol=tcp dst-port=7306 action=drop comment="NetSpy.200, NetSpy.200" 
add chain=virus protocol=tcp dst-port=7410 action=drop comment="Phoenix.190, Phoenix.200" 
add chain=virus protocol=tcp dst-port=7511 action=drop comment="Genue.100" 
add chain=virus protocol=tcp dst-port=7609 action=drop comment="Snid.120, Snid.212" 
add chain=virus protocol=tcp dst-port=7614 action=drop comment="Wollf.130" 
add chain=virus protocol=tcp dst-port=7648 action=drop comment="BlackStar.100, Ghost.230" 
add chain=virus protocol=tcp dst-port=7788 action=drop comment="Last.2000, Matrix.200" 
add chain=virus protocol=tcp dst-port=7826 action=drop comment="MiniOblivion.010, Oblivion.010" 
add chain=virus protocol=tcp dst-port=7887 action=drop comment="SmallFun.110" 
add chain=virus protocol=tcp dst-port=7891 action=drop comment="Revenger.100" 
add chain=virus protocol=tcp dst-port=7979 action=drop comment="VagrNocker.200" 
add chain=virus protocol=tcp dst-port=7997 action=drop comment="VagrNocker.200" 
add chain=virus protocol=tcp dst-port=8000 action=drop comment="XConsole.100" 
add chain=virus protocol=tcp dst-port=8011 action=drop comment="Way.240" 
add chain=virus protocol=tcp dst-port=8012 action=drop comment="Ptakks.215, Ptakks.217" 
add chain=virus protocol=tcp dst-port=8110 action=drop comment="LoseLove.100" 
add chain=virus protocol=tcp dst-port=8111 action=drop comment="LoseLove.100" 
add chain=virus protocol=tcp dst-port=8301 action=drop comment="LoseLove.100" 
add chain=virus protocol=tcp dst-port=8302 action=drop comment="LoseLove.100" 
add chain=virus protocol=tcp dst-port=8372 action=drop comment="NetBoy.100" 
add chain=virus protocol=tcp dst-port=8720 action=drop comment="Connection.130" 
add chain=virus protocol=tcp dst-port=8734 action=drop comment="AutoSpy.110" 
add chain=virus protocol=tcp dst-port=8811 action=drop comment="Force.155" 
add chain=virus protocol=tcp dst-port=8866 action=drop comment="Beagle.B" disabled=no 
add chain=virus protocol=tcp dst-port=8899 action=drop comment="Last.2000" 
add chain=virus protocol=tcp dst-port=9000 action=drop comment="Aristotles.100" 
add chain=virus protocol=tcp dst-port=9301 action=drop comment="LoseLove.100" 
add chain=virus protocol=tcp dst-port=9400 action=drop comment="InCommand.100, InCommand.110, InCommand.120, InCommand.130, InCommand.140, InCommand.150, InCommand.153, InCommand.160, InCommand.167, InCommand.170" 
add chain=virus protocol=tcp dst-port=9401 action=drop comment="InCommand.100, InCommand.110, InCommand.170" 
add chain=virus protocol=tcp dst-port=9402 action=drop comment="InCommand.100, InCommand.110" 
add chain=virus protocol=tcp dst-port=9561 action=drop comment="CRatPro.110" 
add chain=virus protocol=tcp dst-port=9563 action=drop comment="CRatPro.110" 
add chain=virus protocol=tcp dst-port=9580 action=drop comment="TheefLE.100" 
add chain=virus protocol=tcp dst-port=9696 action=drop comment="Danton.210, Ghost.230" 
add chain=virus protocol=tcp dst-port=9697 action=drop comment="Danton.320, Danton.330, Ghost.230" 
add chain=virus protocol=tcp dst-port=9870 action=drop comment="R3C.100" 
add chain=virus protocol=tcp dst-port=9872 action=drop comment="PortalOfDoom.100" 
add chain=virus protocol=tcp dst-port=9873 action=drop comment="PortalOfDoom.100" 
add chain=virus protocol=tcp dst-port=9874 action=drop comment="PortalOfDoom.100" 
add chain=virus protocol=tcp dst-port=9875 action=drop comment="PortalOfDoom.100" 
add chain=virus protocol=tcp dst-port=9876 action=drop comment="Rux.100, SheepGoat.100" 
add chain=virus protocol=tcp dst-port=9877 action=drop comment="SmallBigBrother.020" 
add chain=virus protocol=tcp dst-port=9878 action=drop comment="SmallBigBrother.020, TransmissionScout.100, TransmissionScout.110, TransmissionScout.120" 
add chain=virus protocol=tcp dst-port=9879 action=drop comment="SmallBigBrother.020" 
add chain=virus protocol=tcp dst-port=9898 action=drop comment="Dabber.A-B" disabled=no 
add chain=virus protocol=tcp dst-port=9999 action=drop comment="ForcedEntry.100, Infra.100, Prayer.120, Prayer.130, TakeOver.200, TakeOver.300" 
add chain=virus protocol=tcp dst-port=10000 action=drop comment="Dumaru.Y, sebaiknya di didisable karena juga sering digunakan utk vpn atau webmin" disabled=yes 
add chain=virus protocol=tcp dst-port=10001 action=drop comment="DTr.130, DTr.140" 
add chain=virus protocol=tcp dst-port=10013 action=drop comment="Amanda.200" 
add chain=virus protocol=tcp dst-port=10067 action=drop comment="PortalOfDoom.100" 
add chain=virus protocol=tcp dst-port=10080 action=drop comment="MyDoom.B" disabled=no 
add chain=virus protocol=tcp dst-port=10100 action=drop comment="Gift.240" 
add chain=virus protocol=tcp dst-port=10101 action=drop comment="NewSilencer.100" 
add chain=virus protocol=tcp dst-port=10167 action=drop comment="PortalOfDoom.100" 
add chain=virus protocol=tcp dst-port=10528 action=drop comment="HostControl.100, HostControl.260" 
add chain=virus protocol=tcp dst-port=10607 action=drop comment="Coma.109" 
add chain=virus protocol=tcp dst-port=10666 action=drop comment="Ambush.100" 
add chain=virus protocol=tcp dst-port=11011 action=drop comment="Amanda.200" 
add chain=virus protocol=tcp dst-port=11050 action=drop comment="HostControl.101" 
add chain=virus protocol=tcp dst-port=11051 action=drop comment="HostControl.100, HostControl.260" 
add chain=virus protocol=tcp dst-port=11223 action=drop comment="AntiNuke.100, Progenic.100, Progenic.110" 
add chain=virus protocol=tcp dst-port=11225 action=drop comment="Cyn.100, Cyn.103, Cyn.120" 
add chain=virus protocol=tcp dst-port=11306 action=drop comment="Noknok.800, Noknok.820" 
add chain=virus protocol=tcp dst-port=11831 action=drop comment="Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400" 
add chain=virus protocol=tcp dst-port=11991 action=drop comment="PitfallSurprise.100" 
add chain=virus protocol=tcp dst-port=12043 action=drop comment="Frenzy.2000" 
add chain=virus protocol=tcp dst-port=12345 action=drop comment="NetBus" disabled=no 
add chain=virus protocol=tcp dst-port=12345 action=drop comment="Fade.100, Netbus.160, Netbus.170, VagrNocker.400" 
add chain=virus protocol=tcp dst-port=12346 action=drop comment="Netbus.160, Netbus.170" 
add chain=virus protocol=tcp dst-port=12348 action=drop comment="Bionet.210, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.316, Bionet.317" 
add chain=virus protocol=udp dst-port=11225 action=drop comment="Cyn.100, Cyn.103, Cyn.120" 
add chain=virus protocol=udp dst-port=11306 action=drop comment="Noknok.800, Noknok.820" 
add chain=virus protocol=udp dst-port=12389 action=drop comment="KheSanh.210" 
add chain=virus protocol=udp dst-port=12623 action=drop comment="Buttman.090, Buttman.100" 
add chain=virus protocol=udp dst-port=12625 action=drop comment="Buttman.100" 
add chain=virus protocol=udp dst-port=14100 action=drop comment="Eurosol.100" 
add chain=virus protocol=udp dst-port=23476 action=drop comment="DonaldDick.155" 
add chain=virus protocol=udp dst-port=26274 action=drop comment="Delta.050" 
add chain=virus protocol=udp dst-port=27184 action=drop comment="Alvgus.100" 
add chain=virus protocol=udp dst-port=28431-28436 action=drop comment="Hack'a'Tack.2000" 
add chain=virus protocol=udp dst-port=29891 action=drop comment="Unexplained.100" 
add chain=virus protocol=udp dst-port=30103 action=drop comment="NetSphere.131" 
add chain=virus protocol=udp dst-port=31320 action=drop comment="LittleWitch.400, LittleWitch.420" 
add chain=virus protocol=udp dst-port=31337 action=drop comment="BackOrifice.120, OPC.200" 
add chain=virus protocol=udp dst-port=31416 action=drop comment="Lithium.100, Lithium.101" 
add chain=virus protocol=udp dst-port=31789 action=drop comment="Hack'a'Tack.100, Hack'a'Tack.112" 
add chain=virus protocol=udp dst-port=31791 action=drop comment="Hack'a'Tack.100, Hack'a'Tack.112" 
add chain=virus protocol=udp dst-port=33333 action=drop comment="Blackharaz.100" 
add chain=virus protocol=udp dst-port=47262 action=drop comment="Delta.050" 
add chain=virus protocol=udp dst-port=49683 action=drop comment="HolzPferd.210" 
add chain=virus protocol=udp dst-port=60000 action=drop comment="MiniBacklash.100" 
add chain=forward protocol=tcp dst-port=80 src-address-list=LAN action=accept comment="Web" disabled=no 
add chain=forward connection-state=established action=accept comment="allow established connections" disabled=no 
add chain=forward connection-state=related action=accept comment="allow related connections" disabled=no 
add chain=forward connection-state=invalid action=drop comment="invalid" 
add chain=forward action=jump jump-target=virus comment="jump to the virus chain" disabled=no 
add chain=input protocol=tcp dst-port=21 src-address-list=LAN action=accept comment="FTP" disabled=no 
add chain=input protocol=tcp dst-port=22 src-address-list=LAN action=accept comment="SSH for secure shell" disabled=no 
add chain=input protocol=tcp dst-port=23 src-address-list=LAN action=accept comment="Telnet" disabled=no 
add chain=input protocol=tcp dst-port=8291 src-address-list=LAN action=accept comment="winbox" disabled=no 
add chain=input protocol=tcp dst-port=1723 action=accept comment="pptp-server" disabled=no 
add chain=input protocol=udp action=accept comment="UDP" disabled=no 
add chain=input protocol=icmp limit=50/5s, 2 action=accept comment="allow limited pings" disabled=no 
add chain=input protocol=icmp action=drop comment="excess pings" disabled=no 
add chain=input connection-state=established action=accept comment="Accept established connections" disabled=no 
add chain=input connection-state=related action=accept comment="Accept related connections" disabled=no 
add chain=input connection-state=invalid action=drop comment="invalid connections" disabled=no 
add chain=input src-address-list=LAN action=accept comment="Local network" disabled=no 
add chain=input action=log log-prefix="INPUT" comment="Log everything else" disabled=no 
add chain=input action=drop comment="everything else" disabled=no

 

Sebelum menambahkan script diatas, tambahkan juga skrip berikut pada address-list

ip firewall address-list add list=LAN address=192.168.1.0/24 comment="LAN" disabled=no

 

Untuk ip address LAN sesuaikan dengan ip address jaringan lokal anda.

Daftar port di atas hanya sebagian dari keseluruhan daftar port yang saya miliki. Salinan script di atas dengan port yang lengkap, dapat anda unduh di sini : [Download]

Comments on Daftar Blokir Port Virus dan Worm Mikrotik

  • http://cyberlow.blogspot.com Saiful

    Nice share gan ^_^v
    tp klo segitu banyak port di tutupin semua yaaaaaaaaaa…………..
    hhehheee….
    bikin aja port yg di pake berapa, trus selaen port itu di drop, kan beres…
    untuk port2 game OL bisa di lihat di forum2, lebih singkat gan gk berbelit2.. :p

    • http://ardhagp.com/ Ardha Gp

      makasi masukannya masbro. bener seh, alternatif-nya adalah meloloskan port tertentu yang cuman dipake, selain port itu tinggal di drop. cuman ya kasian yang baru belajar, yang ndak tau port-port mana aja yang mereka butuhin. 😀
      ini juga hasil googling.. ampun gan, bukan bikinan ane sendiri…ane juga masih belajar mikrotik.
      mohon dibimbing kalo berkenan.. 😮

  • AMING

    waw….banyak sekalee….

    • http://ardhagp.com/ Ardha Gp

      List-nya bisa di download di bagian bawah mas, nanti tinggal di copy-kan lewat Telnet.

  • ice paisal

    makasi mas bro….
    tapi masih dicari dulu port yang nyangkut nih… hehehe

Social Media Auto Publish Powered By : XYZScripts.com