https://lms.onnocenter.or.id/wiki/index.php?action=history&feed=atom&title=Firewall_untuk_router_mikrotik Firewall untuk router mikrotik - Revision history 2026-04-20T06:33:27Z Revision history for this page on the wiki MediaWiki 1.45.1 https://lms.onnocenter.or.id/wiki/index.php?title=Firewall_untuk_router_mikrotik&diff=21632&oldid=prev Onnowpurbo at 01:37, 15 September 2010 2010-09-15T01:37:38Z <p></p> <table style="background-color: #fff; color: #202122;" data-mw="interface"> <col class="diff-marker" /> <col class="diff-content" /> <col class="diff-marker" /> <col class="diff-content" /> <tr class="diff-title" lang="en"> <td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td> <td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 01:37, 15 September 2010</td> </tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l5">Line 5:</td> <td colspan="2" class="diff-lineno">Line 5:</td></tr> <tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr> <tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr> <tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>Untuk mengamankan router mikrotik dari traffic virus dan excess ping dapat digunakan skrip firewall berikut</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>Untuk mengamankan router mikrotik dari traffic <ins style="font-weight: bold; text-decoration: none;">[[</ins>virus<ins style="font-weight: bold; text-decoration: none;">]] </ins>dan excess ping dapat digunakan skrip <ins style="font-weight: bold; text-decoration: none;">[[</ins>firewall<ins style="font-weight: bold; text-decoration: none;">]] </ins>berikut</div></td></tr> <tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr> <tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Pertama buat address-list &quot;ournetwork&quot; yang berisi alamat IP radio,  IP LAN dan IP WAN atau IP lainnya yang dapat dipercaya  </div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Pertama buat address-list &quot;ournetwork&quot; yang berisi alamat IP radio,  IP LAN dan IP WAN atau IP lainnya yang dapat dipercaya  </div></td></tr> <tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l129">Line 129:</td> <td colspan="2" class="diff-lineno">Line 129:</td></tr> <tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Efek dari skrip diatas adalah:</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Efek dari skrip diatas adalah:</div></td></tr> <tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr> <tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div># router mikrotik hanya dapat diakses FTP, SSH, Web dan Winbox dari IP yang didefinisikan dalam address-list "ournetwork" sehingga tidak bisa diakses dari sembarang tempat.</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div># router mikrotik hanya dapat diakses <ins style="font-weight: bold; text-decoration: none;">[[</ins>FTP<ins style="font-weight: bold; text-decoration: none;">]]</ins>, <ins style="font-weight: bold; text-decoration: none;">[[</ins>SSH<ins style="font-weight: bold; text-decoration: none;">]]</ins>, <ins style="font-weight: bold; text-decoration: none;">[[</ins>Web<ins style="font-weight: bold; text-decoration: none;">]] </ins>dan Winbox dari <ins style="font-weight: bold; text-decoration: none;">[[</ins>IP<ins style="font-weight: bold; text-decoration: none;">]] </ins>yang didefinisikan dalam address-list "ournetwork" sehingga tidak bisa diakses dari sembarang tempat.</div></td></tr> <tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div># Port-port yang sering dimanfaatkan virus di blok sehingga traffic virus tidak dapat dilewatkan, tetapi perlu diperhatikan jika ada user yang kesulitan mengakses service tertentu harus dicek pada chain="virus" apakah port yang dibutuhkan user tersebut terblok oleh firewall.</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div># Port-port yang sering dimanfaatkan virus di blok sehingga traffic <ins style="font-weight: bold; text-decoration: none;">[[</ins>virus<ins style="font-weight: bold; text-decoration: none;">]] </ins>tidak dapat dilewatkan, tetapi perlu diperhatikan jika ada user yang kesulitan mengakses service tertentu harus dicek pada chain="virus" apakah port yang dibutuhkan user tersebut terblok oleh <ins style="font-weight: bold; text-decoration: none;">[[</ins>firewall<ins style="font-weight: bold; text-decoration: none;">]]</ins>.</div></td></tr> <tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div># Packet ping dibatasi untuk menghindari excess ping.</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div># Packet ping dibatasi untuk menghindari excess ping.</div></td></tr> <tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr> </table> Onnowpurbo https://lms.onnocenter.or.id/wiki/index.php?title=Firewall_untuk_router_mikrotik&diff=21631&oldid=prev Onnowpurbo: /* Pranala Menarik */ 2010-09-15T01:36:46Z <p><span class="autocomment">Pranala Menarik</span></p> <table style="background-color: #fff; color: #202122;" data-mw="interface"> <col class="diff-marker" /> <col class="diff-content" /> <col class="diff-marker" /> <col class="diff-content" /> <tr class="diff-title" lang="en"> <td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td> <td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 01:36, 15 September 2010</td> </tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l1">Line 1:</td> <td colspan="2" class="diff-lineno">Line 1:</td></tr> <tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"> </del>Written by harijanto@datautama.net.id     </div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>Written by harijanto@datautama.net.id     </div></td></tr> <tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>  http://www.datautama.net.id</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>  http://www.datautama.net.id</div></td></tr> <tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>  Thursday, 09 November 2006</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>  Thursday, 09 November 2006</div></td></tr> <tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l144">Line 144:</td> <td colspan="2" class="diff-lineno">Line 144:</td></tr> <tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* [[Sekitar Mikrotik]]</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* [[Sekitar Mikrotik]]</div></td></tr> <tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* [[Linux Howto]]</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* [[Linux Howto]]</div></td></tr> <tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"></ins></div></td></tr> <tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"></ins></div></td></tr> <tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">[[Category: WiFi Outdoor]]</ins></div></td></tr> </table> Onnowpurbo https://lms.onnocenter.or.id/wiki/index.php?title=Firewall_untuk_router_mikrotik&diff=3143&oldid=prev Onnowpurbo: New page: Written by harijanto@datautama.net.id http://www.datautama.net.id Thursday, 09 November 2006 Untuk mengamankan router mikrotik dari traffic virus dan excess ping dapat digunakan ... 2008-03-27T03:42:38Z <p>New page: Written by harijanto@datautama.net.id http://www.datautama.net.id Thursday, 09 November 2006 Untuk mengamankan router mikrotik dari traffic virus dan excess ping dapat digunakan ...</p> <p><b>New page</b></p><div> Written by harijanto@datautama.net.id <br /> http://www.datautama.net.id<br /> Thursday, 09 November 2006<br /> <br /> <br /> <br /> Untuk mengamankan router mikrotik dari traffic virus dan excess ping dapat digunakan skrip firewall berikut<br /> <br /> Pertama buat address-list &quot;ournetwork&quot; yang berisi alamat IP radio, IP LAN dan IP WAN atau IP lainnya yang dapat dipercaya <br /> <br /> Dalam contoh berikut alamat IP radio adalah = 10.0.0.0/16, IP LAN = 192.168.2.0/24 dan IP WAN = 203.89.24.0/21 dan IP lainnya yang dapat dipercaya = 202.67.33.7<br /> <br /> Untuk membuat address-list dapat menggunakan contoh skrip seperti berikut ini tinggal disesuaikan dengan konfigurasi jaringan Anda. <br /> <br /> Buat skrtip berikut menggunakan notepad kemudian copy-paste ke console mikrotik <br /> <br /> / ip firewall address-list<br /> add list=ournetwork address=203.89.24.0/21 comment=&quot;Datautama Network&quot; \<br /> disabled=no<br /> add list=ournetwork address=10.0.0.0/16 comment=&quot;IP Radio&quot; disabled=no<br /> add list=ournetwork address=192.168.2.0/24 comment=&quot;LAN Network&quot; disabled=no<br /> <br /> <br /> Selanjutnya copy-paste skrip berikut pada console mikrotik<br /> <br /> / ip firewall filter<br /> add chain=forward connection-state=established action=accept comment=&quot;allow \<br /> established connections&quot; disabled=no<br /> add chain=forward connection-state=related action=accept comment=&quot;allow \<br /> related connections&quot; disabled=no<br /> add chain=virus protocol=udp dst-port=135-139 action=drop comment=&quot;Drop \<br /> Messenger Worm&quot; disabled=no<br /> add chain=forward connection-state=invalid action=drop comment=&quot;drop invalid \<br /> connections&quot; disabled=no<br /> add chain=virus protocol=tcp dst-port=135-139 action=drop comment=&quot;Drop \<br /> Blaster Worm&quot; disabled=no<br /> add chain=virus protocol=tcp dst-port=1433-1434 action=drop comment=&quot;Worm&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=445 action=drop comment=&quot;Drop Blaster \<br /> Worm&quot; disabled=no<br /> add chain=virus protocol=udp dst-port=445 action=drop comment=&quot;Drop Blaster \<br /> Worm&quot; disabled=no<br /> add chain=virus protocol=tcp dst-port=593 action=drop comment=&quot;________&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=1024-1030 action=drop comment=&quot;________&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=1080 action=drop comment=&quot;Drop MyDoom&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=1214 action=drop comment=&quot;________&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=1363 action=drop comment=&quot;ndm requester&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=1364 action=drop comment=&quot;ndm server&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=1368 action=drop comment=&quot;screen cast&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=1373 action=drop comment=&quot;hromgrafx&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=1377 action=drop comment=&quot;cichlid&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=2745 action=drop comment=&quot;Bagle Virus&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=2283 action=drop comment=&quot;Drop Dumaru.Y&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=2535 action=drop comment=&quot;Drop Beagle&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=2745 action=drop comment=&quot;Drop \<br /> Beagle.C-K&quot; disabled=no<br /> add chain=virus protocol=tcp dst-port=3127 action=drop comment=&quot;Drop MyDoom&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=3410 action=drop comment=&quot;Drop Backdoor \<br /> OptixPro&quot; disabled=no<br /> add chain=virus protocol=tcp dst-port=4444 action=drop comment=&quot;Worm&quot; \<br /> disabled=no<br /> add chain=virus protocol=udp dst-port=4444 action=drop comment=&quot;Worm&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=5554 action=drop comment=&quot;Drop Sasser&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=8866 action=drop comment=&quot;Drop Beagle.B&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=9898 action=drop comment=&quot;Drop \<br /> Dabber.A-B&quot; disabled=no<br /> add chain=virus protocol=tcp dst-port=10000 action=drop comment=&quot;Drop \<br /> Dumaru.Y, sebaiknya di didisable karena juga sering digunakan utk vpn atau \<br /> webmin&quot; disabled=yes<br /> add chain=virus protocol=tcp dst-port=10080 action=drop comment=&quot;Drop \<br /> MyDoom.B&quot; disabled=no<br /> add chain=virus protocol=tcp dst-port=12345 action=drop comment=&quot;Drop NetBus&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=17300 action=drop comment=&quot;Drop Kuang2&quot; \<br /> disabled=no<br /> add chain=virus protocol=tcp dst-port=27374 action=drop comment=&quot;Drop \<br /> SubSeven&quot; disabled=no<br /> add chain=virus protocol=tcp dst-port=65506 action=drop comment=&quot;Drop PhatBot, \<br /> Agobot, Gaobot&quot; disabled=no<br /> add chain=forward action=jump jump-target=virus comment=&quot;jump to the virus \<br /> chain&quot; disabled=no<br /> add chain=input connection-state=established action=accept comment=&quot;Accept \<br /> established connections&quot; disabled=no<br /> add chain=input connection-state=related action=accept comment=&quot;Accept related \<br /> connections&quot; disabled=no<br /> add chain=input connection-state=invalid action=drop comment=&quot;Drop invalid \<br /> connections&quot; disabled=no<br /> add chain=input protocol=udp action=accept comment=&quot;UDP&quot; disabled=no<br /> add chain=input protocol=icmp limit=50/5s,2 action=accept comment=&quot;Allow \<br /> limited pings&quot; disabled=no<br /> add chain=input protocol=icmp action=drop comment=&quot;Drop excess pings&quot; \<br /> disabled=no<br /> add chain=input protocol=tcp dst-port=21 src-address-list=ournetwork \<br /> action=accept comment=&quot;FTP&quot; disabled=no<br /> add chain=input protocol=tcp dst-port=22 src-address-list=ournetwork \<br /> action=accept comment=&quot;SSH for secure shell&quot; disabled=no<br /> add chain=input protocol=tcp dst-port=23 src-address-list=ournetwork \<br /> action=accept comment=&quot;Telnet&quot; disabled=no<br /> add chain=input protocol=tcp dst-port=80 src-address-list=ournetwork \<br /> action=accept comment=&quot;Web&quot; disabled=no<br /> add chain=input protocol=tcp dst-port=8291 src-address-list=ournetwork \<br /> action=accept comment=&quot;winbox&quot; disabled=no<br /> add chain=input protocol=tcp dst-port=1723 action=accept comment=&quot;pptp-server&quot; \<br /> disabled=no<br /> add chain=input src-address-list=ournetwork action=accept comment=&quot;From \<br /> Datautama network&quot; disabled=no<br /> add chain=input action=log log-prefix=&quot;DROP INPUT&quot; comment=&quot;Log everything \<br /> else&quot; disabled=no<br /> add chain=input action=drop comment=&quot;Drop everything else&quot; disabled=no <br /> <br /> <br /> <br /> Efek dari skrip diatas adalah:<br /> <br /> # router mikrotik hanya dapat diakses FTP, SSH, Web dan Winbox dari IP yang didefinisikan dalam address-list &quot;ournetwork&quot; sehingga tidak bisa diakses dari sembarang tempat.<br /> # Port-port yang sering dimanfaatkan virus di blok sehingga traffic virus tidak dapat dilewatkan, tetapi perlu diperhatikan jika ada user yang kesulitan mengakses service tertentu harus dicek pada chain=&quot;virus&quot; apakah port yang dibutuhkan user tersebut terblok oleh firewall.<br /> # Packet ping dibatasi untuk menghindari excess ping.<br /> <br /> Selain itu yang perlu diperhatikan adalah: sebaiknya buat user baru dan password dengan group full kemudian disable user admin, hal ini untuk meminimasi resiko mikrotik Anda di hack orang.<br /> <br /> Selamat mencoba <br /> <br /> <br /> <br /> <br /> ==Pranala Menarik==<br /> <br /> * [[Sekitar Mikrotik]]<br /> * [[Linux Howto]]</div> Onnowpurbo