Scribd Logo
Загрузить

Добро пожаловать в Scribd!

  • Filter Firewall Virus Mikrotik

    Загружено:

    DouwikKousuma
    7 просмотров8 страниц
    aa

    Авторское право

    © © All Rights Reserved

    Доступные форматы

    TXT, PDF, TXT или читайте онлайн в Scribd

    Этот документ был вам полезен?

    Это неприемлемый материал?

    Пожаловаться на этот документ
    aa

    Авторское право:

    © All Rights Reserved
    Скачайте в формате TXT, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    7 просмотров8 страниц

    Filter Firewall Virus Mikrotik

    Загружено:

    DouwikKousuma
    aa

    Авторское право:

    © All Rights Reserved
    Скачайте в формате TXT, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    из 8

    /ip firewall filter

    add chain=virus protocol=udp action=drop dst-port=1 comment="Sockets des Troie"


    add chain=virus protocol=tcp action=drop dst-port=2 comment="Death"
    add chain=virus protocol=tcp action=drop dst-port=20 comment="Senna Spy FTP server"
    add chain=virus protocol=tcp action=drop dst-port=21 comment="Back Construction,
    Blade Runner, Cattivik FTP Server, CC Invader, Dark FTP, Doly Trojan"
    add chain=virus protocol=tcp action=drop dst-port=22 comment="Shaft"
    add chain=virus protocol=tcp action=drop dst-port=23 comment="Fire HacKer, Tiny
    Telnet Server TTS, Truva Atl"
    add chain=virus protocol=tcp action=drop dst-port=25 comment="Ajan, Antigen, Barok,
    Email Password Sender EPS, EPS II, Gip, Gris, Happy99, Hpteam mail, Hybris"
    add chain=virus protocol=tcp action=drop dst-port=30 comment="Agent 40421"
    add chain=virus protocol=tcp action=drop dst-port=31 comment="Agent 31, Hackers
    Paradise, Masters Paradise"
    add chain=virus protocol=tcp action=drop dst-port=41 comment="Deep Throat,
    Foreplay"
    add chain=virus protocol=tcp action=drop dst-port=48 comment="DRAT"
    add chain=virus protocol=tcp action=drop dst-port=50 comment="DRAT"
    add chain=virus protocol=tcp action=drop dst-port=58 comment="DMSetup"
    add chain=virus protocol=tcp action=drop dst-port=59 comment="DMSetup"
    add chain=virus protocol=tcp action=drop dst-port=79 comment="CDK, Firehotcker"
    add chain=virus protocol=tcp action=drop dst-port=80 comment="711 trojan, Seven
    Eleven, AckCmd, Back End, Back Orifice 2000 Plug-Ins, Cafeini, CGI Backdoor,
    Executor"
    add chain=virus protocol=tcp action=drop dst-port=81 comment="RemoConChubo"
    add chain=virus protocol=tcp action=drop dst-port=99 comment="Hidden Port, NCX"
    add chain=virus protocol=tcp action=drop dst-port=110 comment="ProMail trojan"
    add chain=virus protocol=tcp action=drop dst-port=113 comment="Invisible Identd
    Deamon, Kazimas"
    add chain=virus protocol=tcp action=drop dst-port=119 comment="Happy99"
    add chain=virus protocol=tcp action=drop dst-port=121 comment="Attack Bot, God
    Message, JammerKillah"
    add chain=virus protocol=tcp action=drop dst-port=123 comment="Net Controller"
    add chain=virus protocol=tcp action=drop dst-port=133 comment="Farnaz"
    add chain=virus protocol=tcp action=drop dst-port=135-139 comment="Blaster worm"
    add chain=virus protocol=udp action=drop dst-port=135-139 comment="messenger worm
    add chain=virus protocol=tcp action=drop dst-port=142 comment="NetTaxi"
    add chain=virus protocol=tcp action=drop dst-port=146 comment="Infector"
    add chain=virus protocol=udp action=drop dst-port=146 comment="Infector"
    add chain=virus protocol=tcp action=drop dst-port=170 comment="A-trojan"
    add chain=virus protocol=tcp action=drop dst-port=334 comment="Backage"
    add chain=virus protocol=tcp action=drop dst-port=411 comment="Backage"
    add chain=virus protocol=tcp action=drop dst-port=420 comment="Breach, Incognito"
    add chain=virus protocol=tcp action=drop dst-port=421 comment="TCP Wrappers trojan"
    add chain=virus protocol=tcp action=drop dst-port=445 comment="Blaster worm
    add chain=virus protocol=udp action=drop dst-port=445 comment="Blaster worm
    add chain=virus protocol=tcp action=drop dst-port=455 comment="Fatal Connections"
    add chain=virus protocol=tcp action=drop dst-port=456 comment="Hackers Paradise"
    add chain=virus protocol=tcp action=drop dst-port=513 comment="Grlogin"
    add chain=virus protocol=tcp action=drop dst-port=514 comment="RPC Backdoor"
    add chain=virus protocol=tcp action=drop dst-port=531 comment="Net666, Rasmin"
    add chain=virus protocol=tcp action=drop dst-port=555 comment="711 trojan, Seven
    Eleven, Ini-Killer, Net Administrator, Phase Zero, Phase-0, Stealth Spy"
    add chain=virus protocol=tcp action=drop dst-port=605 comment="Secret Service"
    add chain=virus protocol=tcp action=drop dst-port=666 comment="Attack FTP, Back
    Construction, BLA trojan, Cain & Abel, NokNok, Satans Back Door SBD, ServU, Shadow"
    add chain=virus protocol=tcp action=drop dst-port=667 comment="SniperNet"
    add chain=virus protocol=tcp action=drop dst-port=669 comment="DP trojan"
    add chain=virus protocol=tcp action=drop dst-port=692 comment="GayOL"
    add chain=virus protocol=tcp action=drop dst-port=777 comment="AimSpy, Undetected"
    add chain=virus protocol=tcp action=drop dst-port=808 comment="WinHole"
    add chain=virus protocol=tcp action=drop dst-port=911 comment="Dark Shadow"
    add chain=virus protocol=tcp action=drop dst-port=999 comment="Deep Throat,
    Foreplay, WinSatan"
    add chain=virus protocol=tcp action=drop dst-port=1000 comment="Der Spaeher, Direct
    Connection"
    add chain=virus protocol=tcp action=drop dst-port=1001 comment="Der Spaeher, Le
    Guardien, Silencer, WebEx"
    add chain=virus protocol=tcp action=drop dst-port=1010-1016 comment="Doly Trojan"
    add chain=virus protocol=tcp action=drop dst-port=1020 comment="Vampire"
    add chain=virus protocol=tcp action=drop dst-port=1024 comment="Jade, Latinus,
    NetSpy"
    add chain=virus protocol=tcp action=drop dst-port=1025 comment="Remote Storm"
    add chain=virus protocol=udp action=drop dst-port=1025 comment="Remote Storm"
    add chain=virus protocol=tcp action=drop dst-port=1035 comment="Multidropper"
    add chain=virus protocol=tcp action=drop dst-port=1042 comment="BLA trojan"
    add chain=virus protocol=tcp action=drop dst-port=1045 comment="Rasmin"
    add chain=virus protocol=tcp action=drop dst-port=1049 comment="sbin initd"
    add chain=virus protocol=tcp action=drop dst-port=1050 comment="MiniCommand"
    add chain=virus protocol=tcp action=drop dst-port=1053 comment="The Thief"
    add chain=virus protocol=tcp action=drop dst-port=1054 comment="AckCmd"
    add chain=virus protocol=tcp action=drop dst-port=1080-1083 comment="WinHole"
    add chain=virus protocol=tcp action=drop dst-port=1090 comment="Xtreme"
    add chain=virus protocol=tcp action=drop dst-port=1095-1098 comment="Remote
    Administration Tool RAT"
    add chain=virus protocol=tcp action=drop dst-port=1099 comment="Blood Fest
    Evolution, Remote Administration Tool RAT"
    add chain=virus protocol=tcp action=drop dst-port=1150-1151 comment="Orion"
    add chain=virus protocol=tcp action=drop dst-port=1170 comment="Psyber Stream
    Server PSS, Streaming Audio Server, Voice"
    add chain=virus protocol=udp action=drop dst-port=1200-1201 comment="NoBackO"
    add chain=virus protocol=tcp action=drop dst-port=1207 comment="SoftWAR"
    add chain=virus protocol=tcp action=drop dst-port=1208 comment="Infector"
    add chain=virus protocol=tcp action=drop dst-port=1212 comment="Kaos"
    add chain=virus protocol=tcp action=drop dst-port=1234 comment="SubSeven Java
    client, Ultors Trojan"
    add chain=virus protocol=tcp action=drop dst-port=1243 comment="BackDoor-G,
    SubSeven, SubSeven Apocalypse, Tiles"
    add chain=virus protocol=tcp action=drop dst-port=1245 comment="VooDoo Doll"
    add chain=virus protocol=tcp action=drop dst-port=1255 comment="Scarab"
    add chain=virus protocol=tcp action=drop dst-port=1256 comment="Project nEXT"
    add chain=virus protocol=tcp action=drop dst-port=1269 comment="Matrix"
    add chain=virus protocol=tcp action=drop dst-port=1272 comment="The Matrix"
    add chain=virus protocol=tcp action=drop dst-port=1313 comment="NETrojan"
    add chain=virus protocol=tcp action=drop dst-port=1338 comment="Millenium Worm"
    add chain=virus protocol=tcp action=drop dst-port=1349 comment="Bo dll"
    add chain=virus protocol=tcp action=drop dst-port=1394 comment="GoFriller, Backdoor
    G-1"
    add chain=virus protocol=tcp action=drop dst-port=1441 comment="Remote Storm"
    add chain=virus protocol=tcp action=drop dst-port=1492 comment="FTP99CMP"
    add chain=virus protocol=tcp action=drop dst-port=1524 comment="Trinoo"
    add chain=virus protocol=tcp action=drop dst-port=1568 comment="Remote Hack"
    add chain=virus protocol=tcp action=drop dst-port=1600 comment="Direct Connection,
    Shivka-Burka"
    add chain=virus protocol=tcp action=drop dst-port=1703 comment="Exploiter"
    add chain=virus protocol=tcp action=drop dst-port=1777 comment="Scarab"
    add chain=virus protocol=tcp action=drop dst-port=1807 comment="SpySender"
    add chain=virus protocol=tcp action=drop dst-port=1966 comment="Fake FTP"
    add chain=virus protocol=tcp action=drop dst-port=1967 comment="WM FTP Server"
    add chain=virus protocol=tcp action=drop dst-port=1969 comment="OpC BO"
    add chain=virus protocol=tcp action=drop dst-port=1981 comment="Bowl, Shockrave"
    add chain=virus protocol=tcp action=drop dst-port=1999 comment="Back Door,
    SubSeven, TransScout"
    add chain=virus protocol=tcp action=drop dst-port=2000 comment="Der Spaeher, Insane
    Network, Last 2000, Remote Explorer 2000, Senna Spy Trojan Generator"
    add chain=virus protocol=tcp action=drop dst-port=2001 comment="Der Spaeher, Trojan
    Cow"
    add chain=virus protocol=tcp action=drop dst-port=2023 comment="Ripper Pro"
    add chain=virus protocol=tcp action=drop dst-port=2080 comment="WinHole"
    add chain=virus protocol=tcp action=drop dst-port=2115 comment="Bugs"
    add chain=virus protocol=udp action=drop dst-port=2130 comment="Mini Backlash"
    add chain=virus protocol=tcp action=drop dst-port=2140 comment="The Invasor"
    add chain=virus protocol=udp action=drop dst-port=2140 comment="Deep Throat,
    Foreplay"
    add chain=virus protocol=tcp action=drop dst-port=2155 comment="Illusion Mailer"
    add chain=virus protocol=tcp action=drop dst-port=2255 comment="Nirvana"
    add chain=virus protocol=tcp action=drop dst-port=2283 comment="Hvl RAT"
    add chain=virus protocol=tcp action=drop dst-port=2300 comment="Xplorer"
    add chain=virus protocol=tcp action=drop dst-port=2311 comment="Studio 54"
    add chain=virus protocol=tcp action=drop dst-port=2330-2339 comment="Contact"
    add chain=virus protocol=udp action=drop dst-port=2339 comment="Voice Spy"
    add chain=virus protocol=tcp action=drop dst-port=2345 comment="Doly Trojan"
    add chain=virus protocol=tcp action=drop dst-port=2565 comment="Striker trojan"
    add chain=virus protocol=tcp action=drop dst-port=2583 comment="WinCrash"
    add chain=virus protocol=tcp action=drop dst-port=2600 comment="Digital RootBeer"
    add chain=virus protocol=tcp action=drop dst-port=2716 comment="The Prayer"
    add chain=virus protocol=tcp action=drop dst-port=2773-2774 comment="SubSeven,
    SubSeven 2.1 Gold"
    add chain=virus protocol=tcp action=drop dst-port=2801 comment="Phineas Phucker"
    add chain=virus protocol=udp action=drop dst-port=2989 comment="Remote
    Administration Tool RAT"
    add chain=virus protocol=tcp action=drop dst-port=3000 comment="Remote Shut"
    add chain=virus protocol=tcp action=drop dst-port=3024 comment="WinCrash"
    add chain=virus protocol=tcp action=drop dst-port=3031 comment="Microspy"
    add chain=virus protocol=tcp action=drop dst-port=3128 comment="Reverse WWW Tunnel
    Backdoor, RingZero"
    add chain=virus protocol=tcp action=drop dst-port=3129 comment="Masters Paradise"
    add chain=virus protocol=tcp action=drop dst-port=3150 comment="The Invasor"
    add chain=virus protocol=udp action=drop dst-port=3150 comment="Deep Throat,
    Foreplay, Mini Backlash"
    add chain=virus protocol=tcp action=drop dst-port=3456 comment="Terror trojan"
    add chain=virus protocol=tcp action=drop dst-port=3459 comment="Eclipse 2000,
    Sanctuary"
    add chain=virus protocol=tcp action=drop dst-port=3700 comment="Portal of Doom"
    add chain=virus protocol=tcp action=drop dst-port=3777 comment="PsychWard"
    add chain=virus protocol=tcp action=drop dst-port=3791-3801 comment="Total Solar
    Eclypse"
    add chain=virus protocol=tcp action=drop dst-port=4000 comment="SkyDance"
    add chain=virus protocol=tcp action=drop dst-port=4092 comment="WinCrash"
    add chain=virus protocol=tcp action=drop dst-port=4242 comment="Virtual Hacking
    Machine VHM"
    add chain=virus protocol=tcp action=drop dst-port=4321 comment="BoBo"
    add chain=virus protocol=tcp action=drop dst-port=4444 comment="Prosiak, Swift
    Remote"
    add chain=virus protocol=tcp action=drop dst-port=4567 comment="File Nail"
    add chain=virus protocol=tcp action=drop dst-port=4590 comment="ICQ Trojan"
    add chain=virus protocol=tcp action=drop dst-port=4950 comment="ICQ Trogen Lm"
    add chain=virus protocol=tcp action=drop dst-port=5000 comment="Back Door Setup,
    Blazer5, Bubbel, ICKiller, Ra1d, Sockets des Troie"
    add chain=virus protocol=tcp action=drop dst-port=5001 comment="Back Door Setup,
    Sockets des Troie"
    add chain=virus protocol=tcp action=drop dst-port=5002 comment="cd00r, Shaft"
    add chain=virus protocol=tcp action=drop dst-port=5010 comment="Solo"
    add chain=virus protocol=tcp action=drop dst-port=5011 comment="One of the Last
    Trojans OOTLT, One of the Last Trojans OOTLT, modified"
    add chain=virus protocol=tcp action=drop dst-port=5025 comment="WM Remote
    KeyLogger"
    add chain=virus protocol=tcp action=drop dst-port=5031-5032 comment="Net
    Metropolitan"
    add chain=virus protocol=tcp action=drop dst-port=5321 comment="Firehotcker"
    add chain=virus protocol=tcp action=drop dst-port=5333 comment="Backage, NetDemon"
    add chain=virus protocol=tcp action=drop dst-port=5343 comment="wCrat WC Remote
    Administration Tool"
    add chain=virus protocol=tcp action=drop dst-port=5400-5402 comment="Back
    Construction, Blade Runner"
    add chain=virus protocol=tcp action=drop dst-port=5512 comment="Illusion Mailer"
    add chain=virus protocol=tcp action=drop dst-port=5534 comment="The Flu"
    add chain=virus protocol=tcp action=drop dst-port=5550 comment="Xtcp"
    add chain=virus protocol=tcp action=drop dst-port=5555 comment="ServeMe"
    add chain=virus protocol=tcp action=drop dst-port=5556-5557 comment="BO Facil"
    add chain=virus protocol=tcp action=drop dst-port=5569 comment="Robo-Hack"
    add chain=virus protocol=tcp action=drop dst-port=5637-5638 comment="PC Crasher"
    add chain=virus protocol=tcp action=drop dst-port=5742 comment="WinCrash"
    add chain=virus protocol=tcp action=drop dst-port=5760 comment="Portmap Remote Root
    Linux Exploit"
    add chain=virus protocol=tcp action=drop dst-port=5880-5889 comment="Y3K RAT"
    add chain=virus protocol=tcp action=drop dst-port=6000 comment="The Thing"
    add chain=virus protocol=tcp action=drop dst-port=6006 comment="Bad Blood"
    add chain=virus protocol=tcp action=drop dst-port=6272 comment="Secret Service"
    add chain=virus protocol=tcp action=drop dst-port=6400 comment="The Thing"
    add chain=virus protocol=tcp action=drop dst-port=6661 comment="TEMan, Weia-Meia"
    add chain=virus protocol=tcp action=drop dst-port=6666 comment="Dark Connection
    Inside, NetBus worm"
    add chain=virus protocol=tcp action=drop dst-port=6667 comment="Dark FTP,
    ScheduleAgent, SubSeven, Subseven 2.1.4 DefCon 8, Trinity, WinSatan"
    add chain=virus protocol=tcp action=drop dst-port=6669 comment="Host Control,
    Vampire"
    add chain=virus protocol=tcp action=drop dst-port=6670 comment="BackWeb Server,
    Deep Throat, Foreplay, WinNuke eXtreame"
    add chain=virus protocol=tcp action=drop dst-port=6711 comment="BackDoor-G,
    SubSeven, VP Killer"
    add chain=virus protocol=tcp action=drop dst-port=6712 comment="Funny trojan,
    SubSeven"
    add chain=virus protocol=tcp action=drop dst-port=6713 comment="SubSeven"
    add chain=virus protocol=tcp action=drop dst-port=6723 comment="Mstream"
    add chain=virus protocol=tcp action=drop dst-port=6771 comment="Deep Throat,
    Foreplay"
    add chain=virus protocol=tcp action=drop dst-port=6776 comment="2000 Cracks,
    BackDoor-G, SubSeven, VP Killer"
    add chain=virus protocol=udp action=drop dst-port=6838 comment="Mstream"
    add chain=virus protocol=tcp action=drop dst-port=6883 comment="Delta Source
    DarkStar"
    add chain=virus protocol=tcp action=drop dst-port=6912 comment="Shit Heep"
    add chain=virus protocol=tcp action=drop dst-port=6939 comment="Indoctrination"
    add chain=virus protocol=tcp action=drop dst-port=6969-6970 comment="GateCrasher,
    IRC 3, Net Controller, Priority"
    add chain=virus protocol=tcp action=drop dst-port=7000 comment="Exploit Translation
    Server, Kazimas, Remote Grab, SubSeven, SubSeven 2.1 Gold"
    add chain=virus protocol=tcp action=drop dst-port=7001 comment="Freak88, Freak2k"
    add chain=virus protocol=tcp action=drop dst-port=7215 comment="SubSeven, SubSeven
    2.1 Gold"
    add chain=virus protocol=tcp action=drop dst-port=7300-7308 comment="NetMonitor"
    add chain=virus protocol=tcp action=drop dst-port=7424 comment="Host Control"
    add chain=virus protocol=udp action=drop dst-port=7424 comment="Host Control"
    add chain=virus protocol=tcp action=drop dst-port=7597 comment="Qaz"
    add chain=virus protocol=tcp action=drop dst-port=7626 comment="Glacier"
    add chain=virus protocol=tcp action=drop dst-port=7777 comment="God Message, Tini"
    add chain=virus protocol=tcp action=drop dst-port=7789 comment="Back Door Setup,
    ICKiller"
    add chain=virus protocol=tcp action=drop dst-port=7891 comment="The ReVeNgEr"
    add chain=virus protocol=tcp action=drop dst-port=7983 comment="Mstream"
    add chain=virus protocol=tcp action=drop dst-port=8787 comment="Back Orifice 2000"
    add chain=virus protocol=tcp action=drop dst-port=8988 comment="BacHack"
    add chain=virus protocol=tcp action=drop dst-port=8989 comment="Rcon, Recon, Xcon"
    add chain=virus protocol=tcp action=drop dst-port=9000 comment="Netministrator"
    add chain=virus protocol=udp action=drop dst-port=9325 comment="Mstream"
    add chain=virus protocol=tcp action=drop dst-port=9400 comment="InCommand"
    add chain=virus protocol=tcp action=drop dst-port=9872-9875 comment="Portal of
    Doom"
    add chain=virus protocol=tcp action=drop dst-port=9876 comment="Cyber Attacker,
    Rux"
    add chain=virus protocol=tcp action=drop dst-port=9878 comment="TransScout"
    add chain=virus protocol=tcp action=drop dst-port=9989 comment="Ini-Killer"
    add chain=virus protocol=tcp action=drop dst-port=9999 comment="The Prayer"
    add chain=virus protocol=tcp action=drop dst-port=10000-10005 comment="OpwinTRojan"
    add chain=virus protocol=udp action=drop dst-port=10067 comment="Portal of Doom"
    add chain=virus protocol=tcp action=drop dst-port=10085-10086 comment="Syphillis"
    add chain=virus protocol=tcp action=drop dst-port=10100 comment="Control Total,
    Gift trojan"
    add chain=virus protocol=tcp action=drop dst-port=10101 comment="BrainSpy,
    Silencer"
    add chain=virus protocol=udp action=drop dst-port=10167 comment="Portal of Doom"
    add chain=virus protocol=tcp action=drop dst-port=10520 comment="Acid Shivers"
    add chain=virus protocol=tcp action=drop dst-port=10528 comment="Host Control"
    add chain=virus protocol=tcp action=drop dst-port=10607 comment="Coma"
    add chain=virus protocol=udp action=drop dst-port=10666 comment="Ambush"
    add chain=virus protocol=tcp action=drop dst-port=11000 comment="Senna Spy Trojan
    Generator"
    add chain=virus protocol=tcp action=drop dst-port=11050-11051 comment="Host
    Control"
    add chain=virus protocol=tcp action=drop dst-port=11223 comment="Progenic trojan,
    Secret Agent"
    add chain=virus protocol=tcp action=drop dst-port=12076 comment="Gjamer"
    add chain=virus protocol=tcp action=drop dst-port=12223 comment="Hack´99
    KeyLogger"
    add chain=virus protocol=tcp action=drop dst-port=12345 comment="Ashley, cron
    crontab, Fat Bitch trojan, GabanBus, icmp_client.c, icmp_pipe.c, Mypic, NetBus"
    add chain=virus protocol=tcp action=drop dst-port=12346 comment="Fat Bitch trojan,
    GabanBus, NetBus, X-bill"
    add chain=virus protocol=tcp action=drop dst-port=12349 comment="BioNet"
    add chain=virus protocol=tcp action=drop dst-port=12361-12363 comment="Whack-a-
    mole"
    add chain=virus protocol=udp action=drop dst-port=12623 comment="DUN Control"
    add chain=virus protocol=tcp action=drop dst-port=12624 comment="ButtMan"
    add chain=virus protocol=tcp action=drop dst-port=12631 comment="Whack Job"
    add chain=virus protocol=tcp action=drop dst-port=12754 comment="Mstream"
    add chain=virus protocol=tcp action=drop dst-port=13000 comment="Senna Spy Trojan
    Generator, Senna Spy Trojan Generator"
    add chain=virus protocol=tcp action=drop dst-port=13010 comment="Hacker Brasil HBR"
    add chain=virus protocol=tcp action=drop dst-port=13013-13014 comment="PsychWard"
    add chain=virus protocol=tcp action=drop dst-port=13223 comment="Hack´99
    KeyLogger"
    add chain=virus protocol=tcp action=drop dst-port=13473 comment="Chupacabra"
    add chain=virus protocol=tcp action=drop dst-port=14500-14503 comment="PC Invader"
    add chain=virus protocol=tcp action=drop dst-port=15000 comment="NetDemon"
    add chain=virus protocol=tcp action=drop dst-port=15092 comment="Host Control"
    add chain=virus protocol=tcp action=drop dst-port=15104 comment="Mstream"
    add chain=virus protocol=tcp action=drop dst-port=15382 comment="SubZero"
    add chain=virus protocol=tcp action=drop dst-port=15858 comment="CDK"
    add chain=virus protocol=tcp action=drop dst-port=16484 comment="Mosucker"
    add chain=virus protocol=tcp action=drop dst-port=16660 comment="Stacheldraht"
    add chain=virus protocol=tcp action=drop dst-port=16772 comment="ICQ Revenge"
    add chain=virus protocol=tcp action=drop dst-port=16959 comment="SubSeven, Subseven
    2.1.4 DefCon 8"
    add chain=virus protocol=tcp action=drop dst-port=16969 comment="Priority"
    add chain=virus protocol=tcp action=drop dst-port=17166 comment="Mosaic"
    add chain=virus protocol=tcp action=drop dst-port=17300 comment="Kuang2 the virus"
    add chain=virus protocol=tcp action=drop dst-port=17449 comment="Kid Terror"
    add chain=virus protocol=tcp action=drop dst-port=17499-17500 comment="CrazzyNet"
    add chain=virus protocol=tcp action=drop dst-port=17569 comment="Infector"
    add chain=virus protocol=tcp action=drop dst-port=17593 comment="Audiodoor"
    add chain=virus protocol=tcp action=drop dst-port=17777 comment="Nephron"
    add chain=virus protocol=udp action=drop dst-port=18753 comment="Shaft"
    add chain=virus protocol=tcp action=drop dst-port=19864 comment="ICQ Revenge"
    add chain=virus protocol=tcp action=drop dst-port=20000 comment="Millenium"
    add chain=virus protocol=tcp action=drop dst-port=20001 comment="Millenium,
    Millenium Lm"
    add chain=virus protocol=tcp action=drop dst-port=20002 comment="AcidkoR"
    add chain=virus protocol=tcp action=drop dst-port=20005 comment="Mosucker"
    add chain=virus protocol=tcp action=drop dst-port=20023 comment="VP Killer"
    add chain=virus protocol=tcp action=drop dst-port=20034 comment="NetBus 2.0 Pro,
    NetBus 2.0 Pro Hidden, NetRex, Whack Job"
    add chain=virus protocol=tcp action=drop dst-port=20203 comment="Chupacabra"
    add chain=virus protocol=tcp action=drop dst-port=20331 comment="BLA trojan"
    add chain=virus protocol=tcp action=drop dst-port=20432 comment="Shaft"
    add chain=virus protocol=udp action=drop dst-port=20433 comment="Shaft"
    add chain=virus protocol=tcp action=drop dst-port=21544 comment="GirlFriend, Kid
    Terror"
    add chain=virus protocol=tcp action=drop dst-port=21554 comment="Exploiter, Kid
    Terror, Schwindler, Winsp00fer"
    add chain=virus protocol=tcp action=drop dst-port=22222 comment="Donald Dick,
    Prosiak, Ruler, RUX The TIc.K"
    add chain=virus protocol=tcp action=drop dst-port=23005-23006 comment="NetTrash"
    add chain=virus protocol=tcp action=drop dst-port=23023 comment="Logged"
    add chain=virus protocol=tcp action=drop dst-port=23032 comment="Amanda"
    add chain=virus protocol=tcp action=drop dst-port=23432 comment="Asylum"
    add chain=virus protocol=tcp action=drop dst-port=23456 comment="Evil FTP, Ugly
    FTP, Whack Job"
    add chain=virus protocol=tcp action=drop dst-port=23476 comment="Donald Dick"
    add chain=virus protocol=udp action=drop dst-port=23476 comment="Donald Dick"
    add chain=virus protocol=tcp action=drop dst-port=23477 comment="Donald Dick"
    add chain=virus protocol=tcp action=drop dst-port=23777 comment="InetSpy"
    add chain=virus protocol=tcp action=drop dst-port=24000 comment="Infector"
    add chain=virus protocol=tcp action=drop dst-port=25685-25982 comment="Moonpie"
    add chain=virus protocol=udp action=drop dst-port=26274 comment="Delta Source"
    add chain=virus protocol=tcp action=drop dst-port=26681 comment="Voice Spy"
    add chain=virus protocol=tcp action=drop dst-port=27374 comment="Bad
    Blood,Ramen,Seeker,SubSeven, SubSeven 2.1 Gold, Subseven 2.1.4 DefCon 8, SubSeven
    Muie,Ttfloader"
    add chain=virus protocol=udp action=drop dst-port=27444 comment="Trinoo"
    add chain=virus protocol=tcp action=drop dst-port=27573 comment="SubSeven"
    add chain=virus protocol=tcp action=drop dst-port=27665 comment="Trinoo"
    add chain=virus protocol=tcp action=drop dst-port=28678 comment="Exploit"er
    add chain=virus protocol=tcp action=drop dst-port=29104 comment="NetTrojan"
    add chain=virus protocol=tcp action=drop dst-port=29369 comment="ovasOn"
    add chain=virus protocol=tcp action=drop dst-port=29891 comment="The Unexplained"
    add chain=virus protocol=tcp action=drop dst-port=30000 comment="Infector"
    add chain=virus protocol=tcp action=drop dst-port=30001 comment="ErrOr32"
    add chain=virus protocol=tcp action=drop dst-port=30003 comment="Lamers Death"
    add chain=virus protocol=tcp action=drop dst-port=30029 comment="AOL trojan"
    add chain=virus protocol=tcp action=drop dst-port=30100-30133 comment="NetSphere"
    add chain=virus protocol=udp action=drop dst-port=30103 comment="NetSphere"
    add chain=virus protocol=tcp action=drop dst-port=30303 comment="Sockets des Troie"
    add chain=virus protocol=tcp action=drop dst-port=30947 comment="Intruse"
    add chain=virus protocol=tcp action=drop dst-port=30999 comment="Kuang2"
    add chain=virus protocol=tcp action=drop dst-port=31335 comment="Trinoo"
    add chain=virus protocol=tcp action=drop dst-port=31336 comment="Bo Whack, Butt
    Funnel"
    add chain=virus protocol=tcp action=drop dst-port=31337 comment="Back Fire, Back
    Orifice 1.20 patches, Back Orifice Lm, Back Orifice russian, Baron Night, Beeone"
    add chain=virus protocol=udp action=drop dst-port=31337 comment="Back Orifice, Deep
    BO"
    add chain=virus protocol=tcp action=drop dst-port=31338 comment="Back Orifice, Butt
    Funnel, NetSpy DK"
    add chain=virus protocol=udp action=drop dst-port=31338 comment="Deep BO"
    add chain=virus protocol=tcp action=drop dst-port=31339 comment="NetSpy DK"
    add chain=virus protocol=tcp action=drop dst-port=31666 comment="BOWhack"
    add chain=virus protocol=tcp action=drop dst-port=31785-31792 comment="Hack a Tack"
    add chain=virus protocol=udp action=drop dst-port=31791-31792 comment="Hack a Tack"
    add chain=virus protocol=tcp action=drop dst-port=32001 comment="Donald Dick"
    add chain=virus protocol=tcp action=drop dst-port=32100 comment="Peanut Brittle,
    Project nEXT"
    add chain=virus protocol=tcp action=drop dst-port=32418 comment="Acid Battery"
    add chain=virus protocol=tcp action=drop dst-port=33270 comment="Trinity"
    add chain=virus protocol=tcp action=drop dst-port=33333 comment="Blakharaz,
    Prosiak"
    add chain=virus protocol=tcp action=drop dst-port=33577-33777 comment="Son of
    PsychWard"
    add chain=virus protocol=tcp action=drop dst-port=33911 comment="Spirit 2000,
    Spirit 2001"
    add chain=virus protocol=tcp action=drop dst-port=34324 comment="Big Gluck, TN"
    add chain=virus protocol=tcp action=drop dst-port=34444 comment="Donald Dick"
    add chain=virus protocol=udp action=drop dst-port=34555-35555 comment="Trinoo for
    Windows"
    add chain=virus protocol=tcp action=drop dst-port=37237 comment="Mantis"
    add chain=virus protocol=tcp action=drop dst-port=37651 comment="Yet Another Trojan
    YAT"
    add chain=virus protocol=tcp action=drop dst-port=40412 comment="The Spy"
    add chain=virus protocol=tcp action=drop dst-port=40421 comment="Agent 40421,
    Masters Paradise"
    add chain=virus protocol=tcp action=drop dst-port=40422-40426 comment="Masters
    Paradise"
    add chain=virus protocol=tcp action=drop dst-port=41337 comment="Storm"
    add chain=virus protocol=tcp action=drop dst-port=41666 comment="Remote Boot Tool
    RBT, Remote Boot Tool RBT"
    add chain=virus protocol=tcp action=drop dst-port=44444 comment="Prosiak"
    add chain=virus protocol=tcp action=drop dst-port=44575 comment="Exploiter"
    add chain=virus protocol=udp action=drop dst-port=47262 comment="Delta Source"
    add chain=virus protocol=tcp action=drop dst-port=49301 comment="OnLine KeyLogger"
    add chain=virus protocol=tcp action=drop dst-port=50130 comment="Enterprise"
    add chain=virus protocol=tcp action=drop dst-port=50505 comment="Sockets des Troie"
    add chain=virus protocol=tcp action=drop dst-port=50766 comment="Fore, Schwindler"
    add chain=virus protocol=tcp action=drop dst-port=51966 comment="Cafeini"
    add chain=virus protocol=tcp action=drop dst-port=52317 comment="Acid Battery 2000"
    add chain=virus protocol=tcp action=drop dst-port=53001 comment="Remote Windows
    Shutdown RWS"
    add chain=virus protocol=tcp action=drop dst-port=54283 comment="SubSeven, SubSeven
    2.1 Gold"
    add chain=virus protocol=tcp action=drop dst-port=54320 comment="Back Orifice 2000"
    add chain=virus protocol=tcp action=drop dst-port=54321 comment="Back Orifice 2000,
    School Bus"
    add chain=virus protocol=tcp action=drop dst-port=55165 comment="File Manager
    trojan, File Manager trojan, WM Trojan Generator"
    add chain=virus protocol=tcp action=drop dst-port=55166 comment="WM Trojan
    Generator"
    add chain=virus protocol=tcp action=drop dst-port=57341 comment="NetRaider"
    add chain=virus protocol=tcp action=drop dst-port=58339 comment="Butt Funnel"
    add chain=virus protocol=tcp action=drop dst-port=60000 comment="Deep Throat,
    Foreplay, Sockets des Troie"
    add chain=virus protocol=tcp action=drop dst-port=60001 comment="Trinity"
    add chain=virus protocol=tcp action=drop dst-port=60068 comment="Xzip 6000068"
    add chain=virus protocol=tcp action=drop dst-port=60411 comment="Connection"
    add chain=virus protocol=tcp action=drop dst-port=61348 comment="Bunker-Hill"
    add chain=virus protocol=tcp action=drop dst-port=61466 comment="TeleCommando"
    add chain=virus protocol=tcp action=drop dst-port=61603 comment="Bunker-Hill"
    add chain=virus protocol=tcp action=drop dst-port=63485 comment="Bunker-Hill"
    add chain=virus protocol=tcp action=drop dst-port=64101 comment="Taskman"
    add chain=virus protocol=tcp action=drop dst-port=65000 comment="Devil, Sockets des
    Troie, Stacheldraht"
    add chain=virus protocol=tcp action=drop dst-port=65390 comment="Eclypse"
    add chain=virus protocol=tcp action=drop dst-port=65421 comment="Jade"
    add chain=virus protocol=tcp action=drop dst-port=65432 comment="The Traitor
    th3tr41t0r"
    add chain=virus protocol=udp action=drop dst-port=65432 comment="The Traitor
    th3tr41t0r"
    add chain=virus protocol=tcp action=drop dst-port=65534 comment="sbin initd"
    add chain=virus protocol=tcp action=drop dst-port=65535 comment="RC1 trojan"
    add chain=forward action=jump jump-target=virus comment="jump to the virus chain"

    Вам также может понравиться