/ip firewall filter
add action=accept chain=input comment="Allow limited pings" disabled=no limit=50/5s,2 protocol=icmp
add action=accept chain=input comment="" disabled=no limit=50/5s,2 protocol=icmp

Chain di atas digunakan untuk membatasi ping (ddos) yang ditujukan ke router kita.


add action=drop chain=input comment="drop FTP Brute Forcers" disabled=no dst-port=21 protocol=tcp src-address-list=FTP_BlackList
add action=drop chain=input comment="" disabled=no dst-port=21 protocol=tcp src-address-list=FTP_BlackList
add action=accept chain=output comment="" content="530 Login incorrect" disabled=no dst-limit=1/1m,9,dst-address/1m protocol=tcp
add action=add-dst-to-address-list address-list=FTP_BlackList address-list-timeout=1d chain=output comment="" content="530 Login incorrect" disabled=no protocol=tcp

chain di atas digunakan, apabila anda terpaksa harus mengaktifkan ftp di router anda.


add action=drop chain=input comment="drop SSH&TELNET Brute Forcers" disabled=no dst-port=22-23 protocol=tcp src-address-list=IP_BlackList
add action=add-src-to-address-list address-list=IP_BlackList address-list-timeout=1d chain=input comment="" connection-state=new disabled=no dst-port=22-23 protocol=tcp src-address-list=SSH_BlackList_3
add action=add-src-to-address-list address-list=SSH_BlackList_3 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22-23 protocol=tcp src-address-list=SSH_BlackList_2
add action=add-src-to-address-list address-list=SSH_BlackList_2 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22-23 protocol=tcp src-address-list=SSH_BlackList_1
add action=add-src-to-address-list address-list=SSH_BlackList_1 address-list-timeout=1m chain=input comment="" connection-state=new disabled=no dst-port=22-23 protocol=tcp

Chain ini digunakan untuk mengecek apakah ada aktivitas dari hacker yang mencoba untuk masuk ke router melalui port 22 (ssh) atau port 23 (telnet).
- Pada kesempatan pertama, ip hacker akan otomatis masuk ke address list SSH_BlackList_1 selama 1 menit.
- Apabila hacker tadi mencoba pada kesempatan kedua, maka ip nya akan masuk ke address list SSH_BlackList_2 selama 1 menit.
- Apabila hacker tadi masih mencoba untuk masuk, maka ip nya akan masuk ke address list SSH_BlackList_3 selama 1 menit
- Apabila hacker tadi masih mencoba sekali lagi untuk masuk ke router, maka ip hacker tsb akan masuk ke address list IP_BlackList, dan akan di banned dari router kita selama 1 hari.

cat: harap diperhatikan bahwa rule ini berlaku untuk kita. Jadi kalau kita lupa login atau password; atau salah mengetikkan password sebanyak 4x dalam kurun waktu kurang dari 1 menit; maka ip kita akan di banned oleh router kita sendiri selama 1 hari. karenanya jangan pernah melupakan password anda sendiri.


add action=drop chain=input comment="drop port scanners" disabled=no src-address-list=port_scanners
add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list addresslist="port scanners" address-list-timeout=2w comment="Port scanners to list" disabled=no

Chain ini dipakai untuk mendaftar ip ke black-list address list. Chain selanjutnya untuk mendeteksi apakah ada indikasi aktifitas port scanner:


add action=add-src-to-address-list address-list=port_scanners address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg
add action=add-src-to-address-list address-list=port_scanners address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=fin,syn
add action=add-src-to-address-list address-list=port_scanners address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=syn,rst
add action=add-src-to-address-list address-list=port_scanners address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
add action=add-src-to-address-list address-list=port_scanners address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg
add action=add-src-to-address-list address-list=port_scanners address-list-timeout=2w chain=input comment="" disabled=no protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg

Secara singkat, perintah di atas berarti apabila ada tanda2 serangan seperti yang sudah ditandai di atas, maka ip hacker tsb akan dimasukkan ke dalam address list port-scanner selama 2 minggu (sesuaikan berapa lama anda ingin memblock ip tsb)




Sumber
Download Nitro PDF Pro 7 32bit 64bit Full Crack Free

Nitro PDF Pro 7 Description:

Nitro PDF Pro 7  interface has been completely redesigned with the ribbon-style navigation of Microsoft Office 2010. If you’re familiar with ribbon tabs, then zipping around Nitro should be a breeze. On the other hand, if you’re new to this style of navigation, it could take some time to get acquainted. The top-level tabs include File, Home, Edit, Review, Forms, Protect, and Help. Click on any one to reveal a row of buttons below it. It’s all pretty intuitive, and each tool is accompanied by an icon, which makes for an enjoyably straightforward experience.

As for the guts of the program, Nitro PDF Pro 7 offers all of the functionality you would expect from a complete PDF package. It makes it very easy to create, convert, insert, edit, review, secure, and sign PDF files. Plus, it supports Microsoft DMS, comes with a Web browser plug-in, can show or hide OCG layers, and can redact text, images, and pages securely.

The convert function works perfectly, allowing you to convert batches of PDFs to Word or Excel files, images, or even plain text. There’s also a Stamp Signature tool, which captures, stores, and overlays your handwritten signature on PDF files, and even password-protects your saved signatures so other users can’t gain access.

Overall, we think Nitro Pro 7 provides just about everything you could ask for from an all-in-one PDF solution. With its rich feature set and intuitive interface, it makes simple PDF manipulation a snap, and it gives you the power to add stamps, watermarks, and security to your documents

Nitro PDF Professional, the complete Adobe Acrobat alternative, enables you to do more with PDF through powerful tools to create, convert, edit, combine, secure, annotate, form-fill, and save industry-standard PDF files. Export text and images from PDF files for reuse in other applications, creating files that are highly editable and retain the look and feel of the original. Generate files with well-formatted, correctly-justified and easy-to-edit paragraphs.

Turn tabular content into editable tables, including complex and irregular tables that other converters can’t. Convert vector-based images into scalable objects in Microsoft Word, wherever possible. Summarize all comments so you can view them alongside page content, either on screen or on paper. Use a customizable grid to layout objects, such as form fields and links, faster and more precisely.

Download Link: Total 55MB + KeyGen

Copyright © 2015 JanuriDP's Blog All Right Reserved
Created by Dicky Bust Powered by Blogger