正在被扫描,怎么办?
>echo: system,error,critical login failure for user Guest from 220.113.9.26 via ftp
每天都在扫,怎么才能不被扫,请知道的朋友帮帮我,谢谢! 关闭21端口 ip---services-----关闭一些不需要的服务端口 我的办法
/ ip service disable ftp
/ ip service disable ssh
/ ip service disable www
/ ip service disable telnet /ip firewall filter
add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list \
address-list="port scanners" address-list-timeout=2w comment="Port \
scanners to list " disabled=no
add chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg \
action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w comment="NMAP FIN Stealth scan" disabled=no
add chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack \
action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w comment="FIN/PSH/URG scan" disabled=no
add chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg \
action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w comment="ALL/ALL scan" disabled=no
add chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg \
action=add-src-to-address-list address-list="port scanners" \
address-list-timeout=2w comment="NMAP NULL scan" disabled=no
add chain=input src-address-list="port scanners" action=drop comment="dropping \
port scanners" disabled=no
官方的防掃描規則 有很多贱人! 就是有人够TM无聊.! 改端口 / ip service set ftp port=你要的端口
/ ip service set www port=你要的端口
/ ip service set telnet port=你要的端口
/ ip service set ssh port=你要的端口 然后登陆帐号设置访问地址限制,需要外网登陆的设置DDNS+vpn,这样做了它还能攻进来那就没办法了
页:
[1]