Mikrotik IDS
Un metoto semplice per bloccare le scansione delle porte sulla rete /ip firewall filteradd action=add-src-to-address-list address-list=ddos2-attackers address-list-timeout=2h5m30s chain=forward comment=”INIZIO IDS” in-interface=INTERFACCIA_INTERNET log-prefix=MIAO protocol=tcp psd=7,2s,3,1 tcp-flags=synadd action=jump chain=forward connection-state=new in-interface=INTERFACCIA_INTERNET jump-target=detected-ddosadd action=return chain=detected-ddos dst-limit=16,16,addresses-and-dst-port/100msadd action=add-src-to-address-list address-list=ddos2-attackers address-list-timeout=5m10s chain=detected-ddosadd action=add-dst-to-address-list address-list=ddos2-targets address-list-timeout=5m10s chain=detected-ddos comment=”FINE IDS” /ip firewall address-listadd address=ILTUOIPPUBBLICO list=ddos-attackers-Salvi /ip firewall rawadd action=accept chain=prerouting dst-address-list=ddos2-targets src-address-list=ddos-attackers-Salviadd […]
Continue Reading