Mungkin ada Yang butuh Protocol Dan Port Yang Sebaiknya Ditutup ?

Bagaimana Block Protocol Prt Block Bagus Ip Address ?
  • add chain=forword scr-address=0.0.0.0/8 action=drop
  • add chain=forward dts-address=0.0.0.0/8 action=drop
  • add chain=forward scr-address=127.0.0.0/8 action=drop
  • add chain=forward dst-address=127.0.0.0/8 action=drop
  • add chain=forward src-address=244.0.0.0/3 action=drop
  • add chain=forward dst-address=244.0.0.0/3 action=drop
Sedangkan untuk Separate Protocol into Chains Adalah ?
  • add chain=forward protocol=tcp action=jump jump-target=tcp
  • add chain=forward protocol=udp action=jump jump-target=udp
  • add chain=forward protocol=icmp action=jump jump-target=icmp
Selain itu jangan lupa Blocking UDP Packet!
  • add chain=udp protocol=udp dst-port=69 action=drop comment="deny TFTP"
  • add chain=udp protocol=udp dst-port=111 action=drop comment="deny PRC Portmapper"
  • add chain=udp protocol=udp dst-port=135 action=drop comment="deny PRC Portmapper"
  • add chain=udp protocol=udp dst-port=137-139 action=drop comment="deny NBT"
  • add chain=udp protocol=udp dst-port=2049 action=drop comment="deny BackOriffece"
masih ada 4 lagi yang belum dibahas lain waktu saja ?
Only Needed ICMP Codes ICMP Chain
Deny Some TCP Ports
Virus And Worm


Comments

Post a Comment

Thank&You