Setelah Anda selesai nginstal mikrotik (lebih kurang 5menit) silahkan ketikkan syntax berikut ini dikonsulnya. upss… tulisan yang dicetak miring jangan diketikkan juga yah, itu hanya sebagai keterangannya saja. ketikkan saja tulisan yang saya bold/tebal kan… Selamat Ber-eksperimen.
1. /ip address add interface=ether1 address = 192.168.1.2 netmask= 255.255.255.0 (lancard ke modem)
2. /ip address add interface=ether2 address [...]
11 Langkah Setting Mikrotik Standar
mem-Block Virus
1 BLOCK SPAMMERS OR INFECTED USERS
chain=forward protocol=tcp dst-port=25 src-address-list=spammer
action=drop
2 Detect and add-list SMTP virus or spammers
chain=forward protocol=tcp dst-port=25 connection-limit=30,32 limit=50,5 src-address-list=!spammer action=add-src-to-address-list
address-list=spammer address-list-timeout=1d
/ip firewall nat chain=srcnat out-interface=”your interface which provides internet” src-address=”network 1? action=masquerade
you need to add chains for each subnet you have ,for the head office subnet you need to add this
/ip firewall nat [...]
Port Filter di Mikrotik
/ ip firewall filteradd chain=forward protocol=tcp dst-port=135-139 action=drop comment=”” disabled=no
add chain=forward protocol=udp dst-port=135-139 action=drop comment=”” disabled=no
add chain=forward protocol=tcp dst-port=445 action=drop comment=”” disabled=no
add chain=forward protocol=udp dst-port=445 action=drop comment=”” disabled=no
add chain=forward protocol=tcp dst-port=593 action=drop comment=”” disabled=no
add chain=forward protocol=tcp dst-port=1024-1030 action=drop comment=”” disabled=no
add chain=forward protocol=tcp dst-port=1080 action=drop comment=”” disabled=no
add chain=forward protocol=tcp dst-port=1214 action=drop comment=”” disabled=no
add chain=forward protocol=tcp dst-port=1363 [...]
Squid-Mikrotik
/ ip firewall nat
add chain=srcnat out-interface=wan src-address=192.168.8.0/24
action=masquerade comment=”” disabled=no
add chain=dstnat in-interface=local src-address=!192.168.8.4 protocol=tcp
dst-port=80 src-address-list=port scanner action=redirect to-ports=8082
comment=”transparant web” disabled=yes
set enabled=yes src-address=0.0.0.0 port=8082 hostname=”router”
transparent-proxy=yes parent-proxy=192.168.8.4:3128
cache-administrator=”webmaster” max-object-size=4096KiB cache-drive=system
max-cache-size=131072KiB max-ram-cache-size=unlimited
Trojan Port List
daftar port yang sering digunakan oleh trojan, mallware, worm:
tcp: 3312,3412,3512,1215,1315,4661,4672,5555,4242,3306,2323,6667,7778,1863,6346,6257,6699,4661,4672,1214,6881,6889
udp: 4661,4672,6881,6889,1214,4661,4672,6257,6699,6346,3312,3412,3512,1215,1315
