Code:
/ip firewall filter add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=61.213.183.1-61.213.183.254 add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=67.195.134.1-67.195.134.254 add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=68.142.233.1-68.142.233.254 add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=68.180.217.1-68.180.217.254 add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=203.84.204.1-203.84.204.254 add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=69.63.176.1-69.63.176.254 add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=69.63.181.1-69.63.181.254 add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=63.245.209.1-63.245.209.254 add action=accept chain=input comment="ANTI NETCUT" disabled=no dst-port=0-65535 protocol=tcp src-address=63.245.213.1-63.245.213.254
netcut pada waktu scan network ngecek ip2 dibutuhkannya bisa diakses atau tidak, klo ga bisa diakses dia bikin IP bar, semua client yg ga diproteksi dialokasikan ke ip bar tsb. bila diizinkan maka IP pengguna netcut yg akan terputus dari jaringan, sdgkan client laen ga putus (klo ga di-cut off).... maknyuss lagi apabila dikombinasikan dg filter2 port knocking, drop brutus, filter bawaan webbox juga, cuma pesan wa ati2 aja, filter2 tsb dicoba satu2 krn klo ga malah bikin berat koneksi.
kelemahannya kadangkala trafik netcut ga keliatan
Yg perlu diingat filter firewall ini cuma utk melindungi router, bukan client network keseluruhan, klo di client sih ya instal semacam antinetcut, antispyware, dll...
Tidak ada komentar:
Posting Komentar