Monthly Archives: January 2010

Jan 21 2010

Daftar Port Virus di mikrotik

add chain=forward connection-state=invalid action=drop comment=”drop invalid connections” disabled=no
add chain=forward protocol=tcp dst-port=28 action=drop comment=” Amanda.200″
add chain=forward protocol=tcp dst-port=31 action=drop comment=” MastersParadise.920″
add chain=forward protocol=tcp dst-port=68 action=drop comment=” Subseven.100″
add chain=forward protocol=tcp dst-port=142 action=drop comment=” NetTaxi.180″
add chain=forward protocol=tcp dst-port=146 action=drop comment=” Infector.141, Intruder.100, Intruder.100″
add chain=forward protocol=tcp dst-port=171 action=drop comment=” ATrojan.200″
add chain=forward protocol=tcp dst-port=285-286 action=drop comment=” WCTrojan.100″
add chain=forward protocol=tcp dst-port=334 action=drop comment=” Backage.310″
add chain=forward protocol=tcp dst-port=370 action=drop comment=” NeuroticKat.120, NeuroticKat.130″
add chain=forward protocol=tcp dst-port=413 action=drop comment=” Coma.109″
add chain=forward protocol=tcp dst-port=420 action=drop comment=” Breach.450″
add chain=forward protocol=tcp dst-port=555 action=drop comment=” Id2001.100, PhaseZero.100, StealthSpy.100″
add chain=forward protocol=tcp dst-port=623 action=drop comment=” Rtb666.160″
add chain=forward protocol=tcp dst-port=660 action=drop comment=” Zaratustra.100″
add chain=forward protocol=tcp dst-port=661 action=drop comment=” Noknok.800, Noknok.820″
add chain=forward protocol=tcp dst-port=666 action=drop comment=” BackConstruction.210, BackConstruction.250, Bla.100, Bla.200, Bla.400, Bla.503, Cain.150, Dimbus.100, Noknok.820, Ripper.100, SatansBackdoor.100, SatansBackdoor.101, SatansBackdoor.102, Unicorn.100, Unicorn.101, Unicorn.110″
add chain=forward protocol=tcp dst-port=667 action=drop comment=” SniperNet.210, Snipernet.220″
add chain=forward protocol=tcp dst-port=668 action=drop comment=” Unicorn.101, Unicorn.110″
add chain=forward protocol=tcp dst-port=680 action=drop comment=” Rtb666.160″
add chain=forward protocol=tcp dst-port=777 action=drop comment=” Tiny.100, Undetected.230, Undetected.300, Undetected.310, Undetected.320, Undetected.330, Undetected.331, Undetected.332″
add chain=forward protocol=tcp dst-port=785 action=drop comment=” NetworkTerrorist.100″
add chain=forward protocol=tcp dst-port=800 action=drop comment=” NeuroticKitten.010″
add chain=forward protocol=tcp dst-port=831 action=drop comment=” NeuroticKat.100, NeuroticKat.120, NeuroticKat.130″
add chain=forward protocol=tcp dst-port=901 action=drop comment=” NetDevil.130, NetDevil.140″
add chain=forward protocol=tcp dst-port=1000 action=drop comment=” DerSpaeher.200″
add chain=forward protocol=tcp dst-port=1001 action=drop comment=” Silencer.100″
add chain=forward protocol=tcp dst-port=1008 action=drop comment=” AutoSpy.100″
add chain=forward protocol=tcp dst-port=1010 action=drop comment=” DerSpaeher.200″
add chain=forward protocol=tcp dst-port=1015 action=drop comment=” Doly.150″
add chain=forward protocol=tcp dst-port=1111 action=drop comment=” TPort.100″
add chain=forward protocol=tcp dst-port=1130 action=drop comment=” Noknok.800, Noknok.820″
add chain=forward protocol=tcp dst-port=1207 action=drop comment=” SoftWAR.100″
add chain=forward protocol=tcp dst-port=1243 action=drop comment=” Subseven.100, SubSeven.110, SubSeven.180, SubSeven.190, Subseven.200″
add chain=forward protocol=tcp dst-port=1245 action=drop comment=” VoodooDoll.006″
add chain=forward protocol=tcp dst-port=1269 action=drop comment=” Matrix.130″
add chain=forward protocol=tcp dst-port=1480 action=drop comment=” RemoteHack.130″
add chain=forward protocol=tcp dst-port=1568 action=drop comment=” RemoteHack.100, RemoteHack.110″
add chain=forward protocol=tcp dst-port=1600-1602 action=drop comment=” DirectConnection.100″
add chain=forward protocol=tcp dst-port=1634 action=drop comment=” NetCrack.100″
add chain=forward protocol=tcp dst-port=1784 action=drop comment=” Snid.120, Snid.212″
add chain=forward protocol=tcp dst-port=1999 action=drop comment=” TransmissionScout.100, TransmissionScout.110″
add chain=forward protocol=tcp dst-port=2000 action=drop comment=” ATrojan.200, InsaneNetwork.400″
add chain=forward protocol=tcp dst-port=2001 action=drop comment=” DIRT.220, TrojanCow.100″
add chain=forward protocol=tcp dst-port=2003 action=drop comment=” TransmissionScout.100, TransmissionScout.110″
add chain=forward protocol=tcp dst-port=2023 action=drop comment=” RipperPro.100″
add chain=forward protocol=tcp dst-port=2040 action=drop comment=” InfernoUploader.100″
add chain=forward protocol=tcp dst-port=2115 action=drop comment=” Bugs.100″
add chain=forward protocol=tcp dst-port=2140 action=drop comment=” DeepThroat.100, DeepThroat.200, DeepThroat.310″
add chain=forward protocol=tcp dst-port=2332 action=drop comment=” SilentSpy.202″
add chain=forward protocol=tcp dst-port=2589 action=drop comment=” Dagger.140″
add chain=forward protocol=tcp dst-port=2600 action=drop comment=” DigitalRootbeer.100″
add chain=forward protocol=tcp dst-port=2989 action=drop comment=” Rat.200″
add chain=forward protocol=tcp dst-port=3128 action=drop comment=” MastersParadise.970″
add chain=forward protocol=tcp dst-port=3129 action=drop comment=” MastersParadise.920, MastersParadise.970″
add chain=forward protocol=tcp dst-port=3150 action=drop comment=” DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110″
add chain=forward protocol=tcp dst-port=3215 action=drop comment=” BlackStar.100, Ghost.230″
add chain=forward protocol=tcp dst-port=3333 action=drop comment=” Daodan.123″
add chain=forward protocol=tcp dst-port=3410 action=drop comment=” OptixPro.100, OptixPro.110″
add chain=forward protocol=tcp dst-port=3456 action=drop comment=” Force.155, TerrorTrojan.100″
add chain=forward protocol=tcp dst-port=3505 action=drop comment=” AutoSpy.130, AutoSpy.140″
add chain=forward protocol=tcp dst-port=3586 action=drop comment=” Snid.120, Snid.212″
add chain=forward protocol=tcp dst-port=3700 action=drop comment=” PortalOfDoom.100″
add chain=forward protocol=tcp dst-port=3723 action=drop comment=” Mantis.100″
add chain=forward protocol=tcp dst-port=3800 action=drop comment=” Eclypse.100″
add chain=forward protocol=tcp dst-port=3996 action=drop comment=” RemoteAnything.364″
add chain=forward protocol=tcp dst-port=4000 action=drop comment=” SkyDance.220, SkyDance.229″
add chain=forward protocol=tcp dst-port=4201 action=drop comment=” Wartrojan.160, Wartrojan.200″
add chain=forward protocol=tcp dst-port=4225 action=drop comment=” SilentSpy.202″
add chain=forward protocol=tcp dst-port=4321 action=drop comment=” Bobo.100″
add chain=forward protocol=tcp dst-port=4444 action=drop comment=” AlexTrojan.200, Crackdown.100″
add chain=forward protocol=tcp dst-port=4488 action=drop comment=” EventHorizon.100″
add chain=forward protocol=tcp dst-port=4523 action=drop comment=” Celine.100″
add chain=forward protocol=tcp dst-port=4545 action=drop comment=” InternalRevise.100, RemoteRevise.150″
add chain=forward protocol=tcp dst-port=4567 action=drop comment=” FileNail.100″
add chain=forward protocol=tcp dst-port=4666 action=drop comment=” Mneah.100″
add chain=forward protocol=tcp dst-port=4950 action=drop comment=” ICQTrojan.100″
add chain=forward protocol=tcp dst-port=5005 action=drop comment=” Aladino.060″
add chain=forward protocol=tcp dst-port=5025 action=drop comment=” Keylogger.WMRemote.100″
add chain=forward protocol=tcp dst-port=5031 action=drop comment=” NetMetro.104″
add chain=forward protocol=tcp dst-port=5032 action=drop comment=” NetMetro.104″
add chain=forward protocol=tcp dst-port=5033 action=drop comment=” NetMetro.104″
add chain=forward protocol=tcp dst-port=5151 action=drop comment=” OptixLite.020, OptixLite.030, OptixLite.040″
add chain=forward protocol=tcp dst-port=5190 action=drop comment=” MBomber.100″
add chain=forward protocol=tcp dst-port=5277 action=drop comment=” WinShell.400″
add chain=forward protocol=tcp dst-port=5343 action=drop comment=” WCRat.100″
add chain=forward protocol=tcp dst-port=5400 action=drop comment=” BackConstruction.120, BackConstruction.150, BladeRunner.080, DeepThroat.300″
add chain=forward protocol=tcp dst-port=5401 action=drop comment=” BackConstruction.120, BackConstruction.150, BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100″
add chain=forward protocol=tcp dst-port=5402 action=drop comment=” BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100″
add chain=forward protocol=tcp dst-port=5534 action=drop comment=” TheFlu.100″
add chain=forward protocol=tcp dst-port=5550 action=drop comment=” XTCP.200, XTCP.201″
add chain=forward protocol=tcp dst-port=5555 action=drop comment=” Noxcape.100, Noxcape.200″
add chain=forward protocol=tcp dst-port=5695 action=drop comment=” Assassin.100″
add chain=forward protocol=tcp dst-port=5714 action=drop comment=” WinCrash.100″
add chain=forward protocol=tcp dst-port=5741 action=drop comment=” WinCrash.100″
add chain=forward protocol=tcp dst-port=5742 action=drop comment=” WinCrash.103″
add chain=forward protocol=tcp dst-port=5802 action=drop comment=” Y3KRat.160″
add chain=forward protocol=tcp dst-port=5810 action=drop comment=” Y3KRat.160″
add chain=forward protocol=tcp dst-port=5838 action=drop comment=” Y3KRat.170″
add chain=forward protocol=tcp dst-port=5858 action=drop comment=” Y3KRat.110, Y3KRat.120, Y3KRat.140″
add chain=forward protocol=tcp dst-port=5880 action=drop comment=” Y3KRat.140″
add chain=forward protocol=tcp dst-port=5881 action=drop comment=” Y3KRat.110, Y3KRat.120, Y3KRat.140″
add chain=forward protocol=tcp dst-port=5882 action=drop comment=” Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150″
add chain=forward protocol=tcp dst-port=5883 action=drop comment=” Y3KRat.110, Y3KRat.140″
add chain=forward protocol=tcp dst-port=5884 action=drop comment=” Y3KRat.140, Y3KRat.150″
add chain=forward protocol=tcp dst-port=5885 action=drop comment=” Y3KRat.110, Y3KRat.120, Y3KRat.140″
add chain=forward protocol=tcp dst-port=5886 action=drop comment=” Y3KRat.120, Y3KRat.140″
add chain=forward protocol=tcp dst-port=5887 action=drop comment=” Y3KRat.110, Y3KRat.120, Y3KRat.140″
add chain=forward protocol=tcp dst-port=5888 action=drop comment=” Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150″
add chain=forward protocol=tcp dst-port=5889 action=drop comment=” Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150″
add chain=forward protocol=tcp dst-port=5890 action=drop comment=” Y3KRat.140″
add chain=forward protocol=tcp dst-port=6400 action=drop comment=” Thething.100, Thething.150″
add chain=forward protocol=tcp dst-port=6556 action=drop comment=” AutoSpy.120, AutoSpy.122″
add chain=forward protocol=tcp dst-port=6655 action=drop comment=” Aqua.020″
add chain=forward protocol=tcp dst-port=6660 action=drop comment=” LameSpy.095″
add chain=forward protocol=tcp dst-port=6666 action=drop comment=” LameRemote.100, ProjectMayhem.100″
add chain=forward protocol=tcp dst-port=6669 action=drop comment=” Vampire.100″
add chain=forward protocol=tcp dst-port=6670 action=drop comment=” DeepThroat.200, DeepThroat.210″
add chain=forward protocol=tcp dst-port=6671 action=drop comment=” DeepThroat.310″
add chain=forward protocol=tcp dst-port=6699 action=drop comment=” HostControl.101″
add chain=forward protocol=tcp dst-port=6711 action=drop comment=” DeepThroat.300, Noknok.820, SubSeven.180, SubSeven.190″
add chain=forward protocol=tcp dst-port=6712 action=drop comment=” Subseven.100″
add chain=forward protocol=tcp dst-port=6713 action=drop comment=” Subseven.100″
add chain=forward protocol=tcp dst-port=6767 action=drop comment=” NTRC.120″
add chain=forward protocol=tcp dst-port=6776 action=drop comment=” SubSeven.180, SubSeven.190, Subseven.200″
add chain=forward protocol=tcp dst-port=6789 action=drop comment=” Doly.200″
add chain=forward protocol=tcp dst-port=6796 action=drop comment=” SubSeven.214″
add chain=forward protocol=tcp dst-port=6912 action=drop comment=” ShitHeep.100″
add chain=forward protocol=tcp dst-port=6939 action=drop comment=” Indoctrination.100″
add chain=forward protocol=tcp dst-port=6953 action=drop comment=” Lithium.100″
add chain=forward protocol=tcp dst-port=6969 action=drop comment=” 2000Cracks.100, Bigorna.100, Danton.110, Danton.210, Danton.220, Danton.310, Danton.320, Danton.330, GateCrasher.110, NetController.108, Sparta.110, VagrNocker.120″
add chain=forward protocol=tcp dst-port=6970 action=drop comment=” Danton.330″
add chain=forward protocol=tcp dst-port=7001 action=drop comment=” Freak88.100″
add chain=forward protocol=tcp dst-port=7119 action=drop comment=” Massaker.100″
add chain=forward protocol=tcp dst-port=7200 action=drop comment=” Massaker.110″
add chain=forward protocol=tcp dst-port=7300 action=drop comment=” Coced.221″
add chain=forward protocol=tcp dst-port=7301action=drop comment=” Coced.221″
add chain=forward protocol=tcp dst-port=7306 action=drop comment=” NetSpy.200, NetSpy.200″
add chain=forward protocol=tcp dst-port=7410 action=drop comment=” Phoenix.190, Phoenix.200″
add chain=forward protocol=tcp dst-port=7511 action=drop comment=” Genue.100″
add chain=forward protocol=tcp dst-port=7609 action=drop comment=” Snid.120, Snid.212″
add chain=forward protocol=tcp dst-port=7614 action=drop comment=” Wollf.130″
add chain=forward protocol=tcp dst-port=7648 action=drop comment=” BlackStar.100, Ghost.230″
add chain=forward protocol=tcp dst-port=7788 action=drop comment=” Last.2000, Matrix.200″
add chain=forward protocol=tcp dst-port=7826 action=drop comment=” MiniOblivion.010, Oblivion.010″
add chain=forward protocol=tcp dst-port=7887 action=drop comment=” SmallFun.110″
add chain=forward protocol=tcp dst-port=7891 action=drop comment=” Revenger.100″
add chain=forward protocol=tcp dst-port=7979 action=drop comment=” VagrNocker.200″
add chain=forward protocol=tcp dst-port=7997 action=drop comment=” VagrNocker.200″
add chain=forward protocol=tcp dst-port=8000 action=drop comment=” XConsole.100″
add chain=forward protocol=tcp dst-port=8011 action=drop comment=” Way.240″
add chain=forward protocol=tcp dst-port=8012 action=drop comment=” Ptakks.215, Ptakks.217″
add chain=forward protocol=tcp dst-port=8110 action=drop comment=” LoseLove.100″
add chain=forward protocol=tcp dst-port=8111 action=drop comment=” LoseLove.100″
add chain=forward protocol=tcp dst-port=8301 action=drop comment=” LoseLove.100″
add chain=forward protocol=tcp dst-port=8302 action=drop comment=” LoseLove.100″
add chain=forward protocol=tcp dst-port=8372 action=drop comment=” NetBoy.100″
add chain=forward protocol=tcp dst-port=8720 action=drop comment=” Connection.130″
add chain=forward protocol=tcp dst-port=8734 action=drop comment=” AutoSpy.110″
add chain=forward protocol=tcp dst-port=8811 action=drop comment=” Force.155″
add chain=forward protocol=tcp dst-port=8899 action=drop comment=” Last.2000″
add chain=forward protocol=tcp dst-port=9000 action=drop comment=” Aristotles.100″
add chain=forward protocol=tcp dst-port=9301 action=drop comment=” LoseLove.100″
add chain=forward protocol=tcp dst-port=9400 action=drop comment=” InCommand.100, InCommand.110, InCommand.120, InCommand.130, InCommand.140, InCommand.150, InCommand.153, InCommand.160, InCommand.167, InCommand.170″
add chain=forward protocol=tcp dst-port=9401 action=drop comment=” InCommand.100, InCommand.110, InCommand.170″
add chain=forward protocol=tcp dst-port=9402 action=drop comment=” InCommand.100, InCommand.110″
add chain=forward protocol=tcp dst-port=9561 action=drop comment=” CRatPro.110″
add chain=forward protocol=tcp dst-port=9563 action=drop comment=” CRatPro.110″
add chain=forward protocol=tcp dst-port=9580 action=drop comment=” TheefLE.100″
add chain=forward protocol=tcp dst-port=9696 action=drop comment=” Danton.210, Ghost.230″
add chain=forward protocol=tcp dst-port=9697 action=drop comment=” Danton.320, Danton.330, Ghost.230″
add chain=forward protocol=tcp dst-port=9870 action=drop comment=” R3C.100″
add chain=forward protocol=tcp dst-port=9872 action=drop comment=” PortalOfDoom.100″
add chain=forward protocol=tcp dst-port=9873 action=drop comment=” PortalOfDoom.100″
add chain=forward protocol=tcp dst-port=9874 action=drop comment=” PortalOfDoom.100″
add chain=forward protocol=tcp dst-port=9875 action=drop comment=” PortalOfDoom.100″
add chain=forward protocol=tcp dst-port=9876 action=drop comment=” Rux.100, SheepGoat.100″
add chain=forward protocol=tcp dst-port=9877 action=drop comment=” SmallBigBrother.020″
add chain=forward protocol=tcp dst-port=9878 action=drop comment=” SmallBigBrother.020, TransmissionScout.100, TransmissionScout.110, TransmissionScout.120″
add chain=forward protocol=tcp dst-port=9879 action=drop comment=” SmallBigBrother.020″
add chain=forward protocol=tcp dst-port=9999 action=drop comment=” ForcedEntry.100, Infra.100, Prayer.120, Prayer.130, TakeOver.200, TakeOver.300″
add chain=forward protocol=tcp dst-port=10001 action=drop comment=” DTr.130, DTr.140″
add chain=forward protocol=tcp dst-port=10013 action=drop comment=” Amanda.200″
add chain=forward protocol=tcp dst-port=10067 action=drop comment=” PortalOfDoom.100″
add chain=forward protocol=tcp dst-port=10100 action=drop comment=” Gift.240″
add chain=forward protocol=tcp dst-port=10101 action=drop comment=” NewSilencer.100″
add chain=forward protocol=tcp dst-port=10167 action=drop comment=” PortalOfDoom.100″
add chain=forward protocol=tcp dst-port=10528 action=drop comment=” HostControl.100, HostControl.260″
add chain=forward protocol=tcp dst-port=10607 action=drop comment=” Coma.109″
add chain=forward protocol=tcp dst-port=10666 action=drop comment=” Ambush.100″
add chain=forward protocol=tcp dst-port=11011 action=drop comment=” Amanda.200″
add chain=forward protocol=tcp dst-port=11050 action=drop comment=” HostControl.101″
add chain=forward protocol=tcp dst-port=11051 action=drop comment=” HostControl.100, HostControl.260″
add chain=forward protocol=tcp dst-port=11223 action=drop comment=” AntiNuke.100, Progenic.100, Progenic.110″
add chain=forward protocol=tcp dst-port=11225 action=drop comment=” Cyn.100, Cyn.103, Cyn.120″
add chain=forward protocol=tcp dst-port=11306 action=drop comment=” Noknok.800, Noknok.820″
add chain=forward protocol=tcp dst-port=11831 action=drop comment=” Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400″
add chain=forward protocol=tcp dst-port=11991 action=drop comment=” PitfallSurprise.100″
add chain=forward protocol=tcp dst-port=12043 action=drop comment=” Frenzy.2000″
add chain=forward protocol=tcp dst-port=12345 action=drop comment=” Fade.100, Netbus.160, Netbus.170, VagrNocker.400″
add chain=forward protocol=tcp dst-port=12346 action=drop comment=” Netbus.160, Netbus.170″
add chain=forward protocol=tcp dst-port=12348 action=drop comment=” Bionet.210, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.316, Bionet.317″
add chain=forward protocol=tcp dst-port=12349 action=drop comment=” Bionet.084, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.314, Bionet.316, Bionet.317, Bionet.401, Bionet.402″
add chain=forward protocol=tcp dst-port=12389 action=drop comment=” KheSanh.210″
add chain=forward protocol=tcp dst-port=12478 action=drop comment=” Bionet.210″
add chain=forward protocol=tcp dst-port=12623 action=drop comment=” Buttman.090, Buttman.100″
add chain=forward protocol=tcp dst-port=12624 action=drop comment=” Buttman.090, Buttman.100″
add chain=forward protocol=tcp dst-port=12625 action=drop comment=” Buttman.100″
add chain=forward protocol=tcp dst-port=12904 action=drop comment=” Akropolis.100, Rocks.100″
add chain=forward protocol=tcp dst-port=13473 action=drop comment=” Chupacabra.100″
add chain=forward protocol=tcp dst-port=13753 action=drop comment=” AFTP.010″
add chain=forward protocol=tcp dst-port=14100 action=drop comment=” Eurosol.100″
add chain=forward protocol=tcp dst-port=14194 action=drop comment=” CyberSpy.840″
add chain=forward protocol=tcp dst-port=14286 action=drop comment=” HellDriver.100″
add chain=forward protocol=tcp dst-port=14500 action=drop comment=” PCInvader.050, PCInvader.060, PCInvader.070″
add chain=forward protocol=tcp dst-port=14501 action=drop comment=” PCInvader.060, PCInvader.070″
add chain=forward protocol=tcp dst-port=14502 action=drop comment=” PCInvader.050, PCInvader.060, PCInvader.070″
add chain=forward protocol=tcp dst-port=14503 action=drop comment=” PCInvader.050, PCInvader.060, PCInvader.070″
add chain=forward protocol=tcp dst-port=14504 action=drop comment=” PCInvader.050, PCInvader.060″
add chain=forward protocol=tcp dst-port=15092 action=drop comment=” HostControl.100, HostControl.260″
add chain=forward protocol=tcp dst-port=15382 action=drop comment=” SubZero.100″
add chain=forward protocol=tcp dst-port=15432 action=drop comment=” Cyn.210″
add chain=forward protocol=tcp dst-port=15555 action=drop comment=” ICMIBC.100″
add chain=forward protocol=tcp dst-port=16322 action=drop comment=” LastDoor.100″
add chain=forward protocol=tcp dst-port=16484 action=drop comment=” MoSucker.110″
add chain=forward protocol=tcp dst-port=16661 action=drop comment=” Dfch.010″
add chain=forward protocol=tcp dst-port=16969 action=drop comment=” Progenic.100″
add chain=forward protocol=tcp dst-port=16982 action=drop comment=” AcidShiver.100″
add chain=forward protocol=tcp dst-port=17300 action=drop comment=” Kuang.200″
add chain=forward protocol=tcp dst-port=17499 action=drop comment=” CrazzyNet.370, CrazzyNet.375, CrazzyNet.521″
add chain=forward protocol=tcp dst-port=17500 action=drop comment=” CrazzyNet.370, CrazzyNet.375, CrazzyNet.521″
add chain=forward protocol=tcp dst-port=17569 action=drop comment=” Infector.141, Infector.160, Infector.170, Infector.180, Infector.190, Infector.200, Intruder.100, Intruder.100″
add chain=forward protocol=tcp dst-port=17593 action=drop comment=” AudioDoor.120″
add chain=forward protocol=tcp dst-port=19191 action=drop comment=” BlueFire.035, BlueFire.041″
add chain=forward protocol=tcp dst-port=19604 action=drop comment=” Metal.270″
add chain=forward protocol=tcp dst-port=19605 action=drop comment=” Metal.270″
add chain=forward protocol=tcp dst-port=19991 action=drop comment=” Dfch.010″
add chain=forward protocol=tcp dst-port=20000 action=drop comment=” Millenium.100″
add chain=forward protocol=tcp dst-port=20001 action=drop comment=” Millenium.100, PshychoFiles.180″
add chain=forward protocol=tcp dst-port=20002 action=drop comment=” AcidKor.100, PshychoFiles.180″
add chain=forward protocol=tcp dst-port=20005 action=drop comment=” MoSucker.200, MoSucker.210, MoSucker.220″
add chain=forward protocol=tcp dst-port=21212 action=drop comment=” Schwindler.182″
add chain=forward protocol=tcp dst-port=21554 action=drop comment=” Exploiter.100, Exploiter.110, Girlfriend.130, GirlFriend.135″
add chain=forward protocol=tcp dst-port=21579 action=drop comment=” Breach.2001″
add chain=forward protocol=tcp dst-port=21584 action=drop comment=” Breach.2001″
add chain=forward protocol=tcp dst-port=21684 action=drop comment=” Intruse.134″
add chain=forward protocol=tcp dst-port=22068 action=drop comment=” AcidShiver.110″
add chain=forward protocol=tcp dst-port=22115 action=drop comment=” Cyn.120″
add chain=forward protocol=tcp dst-port=22222 action=drop comment=” Prosiak.047, Ruler.141, Rux.300, Rux.400, Rux.500, Rux.600″
add chain=forward protocol=tcp dst-port=22223 action=drop comment=” Rux.400, Rux.500, Rux.600″
add chain=forward protocol=tcp dst-port=22456 action=drop comment=” Bla.200, Bla.503″
add chain=forward protocol=tcp dst-port=22457 action=drop comment=” AcidShiver.120, Bla.200, Bla.503″
add chain=forward protocol=tcp dst-port=22784 action=drop comment=” Intruzzo.110″
add chain=forward protocol=tcp dst-port=22845 action=drop comment=” Breach.450″
add chain=forward protocol=tcp dst-port=22847 action=drop comment=” Breach.450″
add chain=forward protocol=tcp dst-port=23005 action=drop comment=” Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100″
add chain=forward protocol=tcp dst-port=23006 action=drop comment=” Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100″
add chain=forward protocol=tcp dst-port=23032 action=drop comment=” Amanda.200″
add chain=forward protocol=tcp dst-port=23432 action=drop comment=” Asylum.010, Asylum.012, Asylum.013, Asylum.014, MiniAsylum.110″
add chain=forward protocol=tcp dst-port=23456 action=drop comment=” EvilFTP.100, VagrNocker.400″
add chain=forward protocol=tcp dst-port=23476 action=drop comment=” DonaldDick.153, DonaldDick.154, DonaldDick.155″
add chain=forward protocol=tcp dst-port=23477 action=drop comment=” DonaldDick.153″
add chain=forward protocol=tcp dst-port=24000 action=drop comment=” Infector.170″
add chain=forward protocol=tcp dst-port=24307 action=drop comment=” Wildek.020″
add chain=forward protocol=tcp dst-port=25386 action=drop comment=” MoonPie.220″
add chain=forward protocol=tcp dst-port=25486 action=drop comment=” MoonPie.220″
add chain=forward protocol=tcp dst-port=25555 action=drop comment=” FreddyK.100, FreddyK.200″
add chain=forward protocol=tcp dst-port=25556 action=drop comment=” FreddyK.100″
add chain=forward protocol=tcp dst-port=25685 action=drop comment=” MoonPie.010, MoonPie.012, MoonPie.130, MoonPie.220, MoonPie.240, MoonPie.400″
add chain=forward protocol=tcp dst-port=25686 action=drop comment=” MoonPie.135, MoonPie.200, MoonPie.400″
add chain=forward protocol=tcp dst-port=25982 action=drop comment=” MoonPie.135, MoonPie.200″
add chain=forward protocol=tcp dst-port=26274 action=drop comment=” Delta.050″
add chain=forward protocol=tcp dst-port=27160 action=drop comment=” MoonPie.135, MoonPie.200″
add chain=forward protocol=tcp dst-port=27184 action=drop comment=” Alvgus.100, Alvgus.800″
add chain=forward protocol=tcp dst-port=27374 action=drop comment=” Muerte.110, Subseven.210, SubSeven.213″
add chain=forward protocol=tcp dst-port=28429-28436 action=drop comment=” Hack’a’Tack.2000″
add chain=forward protocol=tcp dst-port=29559 action=drop comment=” DuckToy.100, DuckToy.101, Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400″
add chain=forward protocol=tcp dst-port=29891 action=drop comment=” Unexplained.100″
add chain=forward protocol=tcp dst-port=30000 action=drop comment=” Infector.170″
add chain=forward protocol=tcp dst-port=30001 action=drop comment=” Error32.100″
add chain=forward protocol=tcp dst-port=30003 action=drop comment=” LamersDeath.100″
add chain=forward protocol=tcp dst-port=30029action=drop comment=” AOLTrojan.110″
add chain=forward protocol=tcp dst-port=30100-30103 action=drop comment=” NetSphere.127, NetSphere.130, NetSphere.131″
add chain=forward protocol=tcp dst-port=30103 action=drop comment=” NetSphere.131″
add chain=forward protocol=tcp dst-port=30947 action=drop comment=” Intruse.134″
add chain=forward protocol=tcp dst-port=31320 action=drop comment=” LittleWitch.400, LittleWitch.420″
add chain=forward protocol=tcp dst-port=31337 action=drop comment=” BackOrifice.120, Khaled.100, OPC.200″
add chain=forward protocol=tcp dst-port=31415 action=drop comment=” Lithium.101″
add chain=forward protocol=tcp dst-port=31416 action=drop comment=” Lithium.100, Lithium.101″
add chain=forward protocol=tcp dst-port=31557 action=drop comment=” Xanadu.110″
add chain=forward protocol=tcp dst-port=31631 action=drop comment=” CleptoManicos.100″
add chain=forward protocol=tcp dst-port=31745 action=drop comment=” Buschtrommel.100, Buschtrommel.122″
add chain=forward protocol=tcp dst-port=31785 action=drop comment=” Hack’a’Tack.100, Hack’a’Tack.112″
add chain=forward protocol=tcp dst-port=31787 action=drop comment=” Hack’a’Tack.100, Hack’a’Tack.112″
add chain=forward protocol=tcp dst-port=31789 action=drop comment=” Hack’a’Tack.100, Hack’a’Tack.112″
add chain=forward protocol=tcp dst-port=31791 action=drop comment=” Hack’a’Tack.100, Hack’a’Tack.112″
add chain=forward protocol=tcp dst-port=31887 action=drop comment=” BDDT.100″
add chain=forward protocol=tcp dst-port=31889 action=drop comment=” BDDT.100″
add chain=forward protocol=tcp dst-port=32100 action=drop comment=” ProjectNext.053″
add chain=forward protocol=tcp dst-port=32418 action=drop comment=” AcidBattery.100″
add chain=forward protocol=tcp dst-port=32791 action=drop comment=” Akropolis.100, Rocks.100″
add chain=forward protocol=tcp dst-port=33291 action=drop comment=” RemoteHak.001″
add chain=forward protocol=tcp dst-port=33333 action=drop comment=” Blackharaz.100, Prosiak.047, SubSeven.214″
add chain=forward protocol=tcp dst-port=33577 action=drop comment=” SonOfPsychward.020″
add chain=forward protocol=tcp dst-port=34324 action=drop comment=” TelnetServer.100″
add chain=forward protocol=tcp dst-port=34763 action=drop comment=” Infector.180, Infector.190, Infector.200″
add chain=forward protocol=tcp dst-port=35000 action=drop comment=” Infector.190, Infector.200″
add chain=forward protocol=tcp dst-port=35600 action=drop comment=” Subsari.140″
add chain=forward protocol=tcp dst-port=36794 action=drop comment=” BugBear.100″
add chain=forward protocol=tcp dst-port=37237 action=drop comment=” Mantis.020″
add chain=forward protocol=tcp dst-port=37651 action=drop comment=” YAT.210″
add chain=forward protocol=tcp dst-port=37653 action=drop comment=” YAT.310″
add chain=forward protocol=tcp dst-port=40308 action=drop comment=” Subsari.140″
add chain=forward protocol=tcp dst-port=40412 action=drop comment=” TheSpy.100″
add chain=forward protocol=tcp dst-port=40421 action=drop comment=” MastersParadise.970″
add chain=forward protocol=tcp dst-port=40422 action=drop comment=” MastersParadise.970″
add chain=forward protocol=tcp dst-port=40999 action=drop comment=” DiemsMutter.110, DiemsMutter.140″
add chain=forward protocol=tcp dst-port=41626 action=drop comment=” Shah.100″
add chain=forward protocol=tcp dst-port=44444 action=drop comment=” Prosiak.070″
add chain=forward protocol=tcp dst-port=45673 action=drop comment=” Akropolis.100, Rocks.100″
add chain=forward protocol=tcp dst-port=47262 action=drop comment=” Delta.050″
add chain=forward protocol=tcp dst-port=48006 action=drop comment=” Fragglerock.200″
add chain=forward protocol=tcp dst-port=49683 action=drop comment=” HolzPferd.210″
add chain=forward protocol=tcp dst-port=50000 action=drop comment=” Infector.180″
add chain=forward protocol=tcp dst-port=50130 action=drop comment=” Enterprise.100″
add chain=forward protocol=tcp dst-port=50766 action=drop comment=” Fore.100″
add chain=forward protocol=tcp dst-port=51234 action=drop comment=” Cyn.210″
add chain=forward protocol=tcp dst-port=51966 action=drop comment=” Cafeini.080, Cafeini.110″
add chain=forward protocol=tcp dst-port=54321 action=drop comment=” PCInvader.010″
add chain=forward protocol=tcp dst-port=57341 action=drop comment=” NetRaider.100″
add chain=forward protocol=tcp dst-port=57922 action=drop comment=” Bionet.084″
add chain=forward protocol=tcp dst-port=58008 action=drop comment=” Tron.100″
add chain=forward protocol=tcp dst-port=58009 action=drop comment=” Tron.100″
add chain=forward protocol=tcp dst-port=59090 action=drop comment=” AcidReign.200″
add chain=forward protocol=tcp dst-port=59211 action=drop comment=” DuckToy.100, DuckToy.101″
add chain=forward protocol=tcp dst-port=59345 action=drop comment=” NewFuture.100″
add chain=forward protocol=tcp dst-port=60000 action=drop comment=” DeepThroat.300, MiniBacklash.100, MiniBacklash.101, MiniBacklash.101″
add chain=forward protocol=tcp dst-port=60411 action=drop comment=” Connection.100, Connection.130″
add chain=forward protocol=tcp dst-port=60412 action=drop comment=” Connection.130″
add chain=forward protocol=tcp dst-port=60552 action=drop comment=” RoxRat.100″
add chain=forward protocol=tcp dst-port=63536 action=drop comment=” InsaneNetwork.500″
add chain=forward protocol=tcp dst-port=63878 action=drop comment=” AphexFTP.100″
add chain=forward protocol=tcp dst-port=63879 action=drop comment=” AphexFTP.100″
add chain=forward protocol=tcp dst-port=64969 action=drop comment=” Lithium.100″
add chain=forward protocol=tcp dst-port=65000 action=drop comment=” Socket.100″
add chain=forward protocol=udp dst-port=1 action=drop comment=” SocketsDeTroie.250″
add chain=forward protocol=udp dst-port=666 action=drop comment=” Bla.200, Bla.400, Bla.503, Noknok.820″
add chain=forward protocol=udp dst-port=1130 action=drop comment=” Noknok.800, Noknok.820″
add chain=forward protocol=udp dst-port=2140 action=drop comment=” DeepThroat.100, DeepThroat.200, DeepThroat.310″
add chain=forward protocol=udp dst-port=2989 action=drop comment=” Rat.200″
add chain=forward protocol=udp dst-port=3128 action=drop comment=” MastersParadise.970″
add chain=forward protocol=udp dst-port=3129 action=drop comment=” MastersParadise.920, MastersParadise.970″
add chain=forward protocol=udp dst-port=3150 action=drop comment=” DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110″
add chain=forward protocol=udp dst-port=3333 action=drop comment=” Daodan.123″
add chain=forward protocol=udp dst-port=3800 action=drop comment=” Eclypse.100″
add chain=forward protocol=udp dst-port=3996 action=drop comment=” RemoteAnything.364″
add chain=forward protocol=udp dst-port=4000 action=drop comment=” RemoteAnything.364″
add chain=forward protocol=udp dst-port=5555 action=drop comment=” Daodan.123″
add chain=forward protocol=udp dst-port=5881 action=drop comment=” Y3KRat.110, Y3KRat.140″
add chain=forward protocol=udp dst-port=5882 action=drop comment=” Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150″
add chain=forward protocol=udp dst-port=5883 action=drop comment=” Y3KRat.110, Y3KRat.140″
add chain=forward protocol=udp dst-port=5884 action=drop comment=” Y3KRat.140, Y3KRat.150″
add chain=forward protocol=udp dst-port=5885 action=drop comment=” Y3KRat.110, Y3KRat.120, Y3KRat.140″
add chain=forward protocol=udp dst-port=5886 action=drop comment=” Y3KRat.120, Y3KRat.140″
add chain=forward protocol=udp dst-port=5887 action=drop comment=” Y3KRat.110, Y3KRat.120, Y3KRat.140″
add chain=forward protocol=udp dst-port=5888 action=drop comment=” Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.150″
add chain=forward protocol=udp dst-port=6953 action=drop comment=” Lithium.100″
add chain=forward protocol=udp dst-port=8012 action=drop comment=” Ptakks.217″
add chain=forward protocol=udp dst-port=10067 action=drop comment=” PortalOfDoom.100″
add chain=forward protocol=udp dst-port=10167 action=drop comment=” PortalOfDoom.100″
add chain=forward protocol=udp dst-port=10666 action=drop comment=” Ambush.100″
add chain=forward protocol=udp dst-port=11225 action=drop comment=” Cyn.100, Cyn.103, Cyn.120″
add chain=forward protocol=udp dst-port=11306 action=drop comment=” Noknok.800, Noknok.820″
add chain=forward protocol=udp dst-port=12389 action=drop comment=” KheSanh.210″
add chain=forward protocol=udp dst-port=12623 action=drop comment=” Buttman.090, Buttman.100″
add chain=forward protocol=udp dst-port=12625 action=drop comment=” Buttman.100″
add chain=forward protocol=udp dst-port=14100 action=drop comment=” Eurosol.100″
add chain=forward protocol=udp dst-port=23476 action=drop comment=” DonaldDick.155″
add chain=forward protocol=udp dst-port=26274 action=drop comment=” Delta.050″
add chain=forward protocol=udp dst-port=27184 action=drop comment=” Alvgus.100″
add chain=forward protocol=udp dst-port=28431-28436 action=drop comment=” Hack’a’Tack.2000″
add chain=forward protocol=udp dst-port=29891 action=drop comment=” Unexplained.100″
add chain=forward protocol=udp dst-port=30103 action=drop comment=” NetSphere.131″
add chain=forward protocol=udp dst-port=31320 action=drop comment=” LittleWitch.400, LittleWitch.420″
add chain=forward protocol=udp dst-port=31337 action=drop comment=” BackOrifice.120, OPC.200″
add chain=forward protocol=udp dst-port=31416 action=drop comment=” Lithium.100, Lithium.101″
add chain=forward protocol=udp dst-port=31789 action=drop comment=” Hack’a’Tack.100, Hack’a’Tack.112″
add chain=forward protocol=udp dst-port=31791 action=drop comment=” Hack’a’Tack.100, Hack’a’Tack.112″
add chain=forward protocol=udp dst-port=33333 action=drop comment=” Blackharaz.100″
add chain=forward protocol=udp dst-port=47262 action=drop comment=” Delta.050″
add chain=forward protocol=udp dst-port=49683 action=drop comment=” HolzPferd.210″
add chain=forward protocol=udp dst-port=60000 action=drop comment=” MiniBacklash.100″

add chain=forward protocol=tcp dst-port=135-139 action=drop comment=”Drop Blaster Worm” disabled=no
add chain=forward protocol=tcp dst-port=1433-1434 action=drop comment=”Worm” disabled=no
add chain=forward protocol=tcp dst-port=445 action=drop comment=”Drop Blaster Worm” disabled=no
add chain=forward protocol=udp dst-port=445 action=drop comment=”Drop Blaster Worm” disabled=no
add chain=forward protocol=tcp dst-port=593 action=drop comment=”________” disabled=no
add chain=forward protocol=tcp dst-port=1024-1030 action=drop comment=”________” disabled=no
add chain=forward protocol=tcp dst-port=1080 action=drop comment=”Drop MyDoom” disabled=no
add chain=forward protocol=tcp dst-port=1214 action=drop comment=”________” disabled=no
add chain=forward protocol=tcp dst-port=1363 action=drop comment=”ndm reques ter” disabled=no
add chain=forward protocol=tcp dst-port=1364 action=drop comment=”ndm server” disabled=no
add chain=forward protocol=tcp dst-port=1368 action=drop comment=”screen cast” disabled=no
add chain=forward protocol=tcp dst-port=1373 action=drop comment=”hromgrafx” disabled=no
add chain=forward protocol=tcp dst-port=1377 action=drop comment=”cichlid” disabled=no
add chain=forward protocol=tcp dst-port=2745 action=drop comment=”Bagle forward” disabled=no
add chain=forward protocol=tcp dst-port=2283 action=drop comment=”Drop Dumaru.Y” disabled=no
add chain=forward protocol=tcp dst-port=2535 action=drop comment=”Drop Beagle” disabled=no
add chain=forward protocol=tcp dst-port=2745 action=drop comment=”Drop Beagle.C-K” disabled=no
add chain=forward protocol=tcp dst-port=3127 action=drop comment=”Drop MyDoom” disabled=no
add chain=forward protocol=tcp dst-port=3410 action=drop comment=”Drop Backdoor OptixPro” disabled=no
add chain=forward protocol=tcp dst-port=4444 action=drop comment=”Worm” disabled=no
add chain=forward protocol=udp dst-port=4444 action=drop comment=”Worm” disabled=no
add chain=forward protocol=tcp dst-port=5554 action=drop comment=”Drop Sasser” disabled=no
add chain=forward protocol=tcp dst-port=8866 action=drop comment=”Drop Beagle.B” disabled=no
add chain=forward protocol=tcp dst-port=9898 action=drop comment=”Drop Dabber.A-B” disabled=no
add chain=forward protocol=tcp dst-port=10000 action=drop comment=”Drop Dumaru.Y, sebaiknya di didisable karena juga sering digunakan utk vpn atau webmin” disabled=yes
add chain=forward protocol=tcp dst-port=10080 action=drop comment=”Drop MyDoom.B” disabled=no
add chain=forward protocol=tcp dst-port=12345 action=drop comment=”Drop NetBus” disabled=no
add chain=forward protocol=tcp dst-port=17300 action=drop comment=”Drop Kuang2″ disabled=no
add chain=forward protocol=tcp dst-port=27374 action=drop comment=”Drop SubSeven” disabled=no
add chain=forward protocol=tcp dst-port=65506 action=drop comment=”Drop PhatBot, Agobot, Gaobot” disabled=no

Jan 14 2010

Cabe jempol

Beberapa waktu lalu pernah ketemu dengan cabe yang ukurannya Sejempol Kaki di tukang taman, namun setelah dicoba dibudidayakan gagal total kurang perhatian kurang lebih selama seminggu, tempatnya direnovasi (apa hubunganya hehehehe…).

Nah karena kebetulan pernah cerita ketemen-temen sedang mencoba bertanam cabe, eh dibawain varian cabe Jempol yang lain oleh Pak Teja. Tapi yang ini cabe Jempol tangan. Kenapa saya beri nama Cabe Jempol Tangan karena ukurannya sebesar Jempol tangan orang dewasa. Cukup besar juga ukurannya.  Sayangnya tidak ada timbangan saat ini sehingga belum tahu berapa berat dari Cabe Jempol tersebut.

Ini gambar cabe jempol tangannya :

Terima kasih Pak Teja yang sudah membawakan Cabe-nya, akan dicoba di “Photo Copy” biar banyak, kali saja bisa menjadi bibit unggulan. Dan dapat diperbanyak di kebun belakang rumah.

Jan 8 2010

Cisco ASA 5520 single internal network 

pixfirewall# sh run
: Saved
:
PIX Version 8.0(2)
!
hostname pixfirewall
enable password 2KFQnbNIdI.2KYOU encrypted
names
!
interface Ethernet0
 nameif outside
 security-level 0
 ip address 10.1.1.2 255.255.255.0
!
interface Ethernet1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
!


!--- Output Suppressed



!--- Create an access list to allow pings out
!--- and return packets back in.


access-list 100 extended permit icmp any any echo-reply
access-list 100 extended permit icmp any any time-exceeded
access-list 100 extended permit icmp any any unreachable


!--- Allows anyone on the Internet to connect to
!--- the web, mail, and FTP servers. 


access-list 100 extended permit tcp any host 10.1.1.3 eq www
access-list 100 extended permit tcp any host 10.1.1.4 eq smtp
access-list 100 extended permit tcp any host 10.1.1.5 eq ftp
pager lines 24


!--- Enable logging.


logging enable


!--- Enable error and more severe syslog messages
!--- to be saved to the local buffer. 


logging buffered errors


!--- Send notification and more severe syslog messages
!--- to the syslog server. 


logging trap notifications


!--- Send syslog messages to a syslog server
!--- on the inside interface. 


logging host inside 192.168.1.220

mtu outside 1500
mtu inside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400


!--- Define a Network Address Translation (NAT) pool that
!--- internal hosts use when going out to the Internet.


global (outside) 1 10.1.1.15-10.1.1.253


!--- Define a Port Address Translation (PAT) address that
!--- is used once the NAT pool is exhausted.


global (outside) 1 10.1.1.254


!--- !--- Allow all internal hosts to use
!--- the NAT or PAT addresses specified previously.


nat (inside) 1 0.0.0.0 0.0.0.0


!--- Define a static translation for the internal
!--- web server to be accessible from the Internet.


static (inside,outside) 10.1.1.3 192.168.1.4 netmask 255.255.255.255


!--- Define a static translation for the internal
!--- mail server to be accessible from the Internet.


static (inside,outside) 10.1.1.4 192.168.1.15 netmask 255.255.255.255


!--- Define a static translation for the internal
!--- FTP server to be accessible from the Internet.


static (inside,outside) 10.1.1.5 192.168.1.10 netmask 255.255.255.255


!--- Apply access list 100 to the outside interface.


access-group 100 in interface outside


!--- !--- Define a default route to the ISP router.


route outside 0.0.0.0 0.0.0.0 10.1.1.1 1


!--- Output Suppressed



!--- Allow the host 192.168.1.254 to be able to
!--- Telnet to the inside of the PIX. 


telnet 192.168.1.254 255.255.255.255 inside
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
!
: end


!--- Output Suppressed

Sumber : http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094ea2.shtml

Jan 5 2010

Setting Static IPv6

Setting a static IPv6 address

Windows Vista

to come

Windows XP (SP2)

Check

First check to see if IPv6 is installed.

  • Execute ipv6 if from a DOS windows.
  • If it returns the message below, then IPv6 is not installed. If it returns a large amount of interface configuration information, IPv6 is installed and you can proceed to the Configure section.
Could not access IPv6 protocol stack - the stack is not installed.

Install

To install IPv6 on Windows XP SP2, execute the following commands as a administrator from the command line (DOS window):

  • ipv6 install
  • The output from this command is likely to be 1 of 2 possibilities:’
  1. The command returns OK. IPv6 has installed correctly, proceed to the Configure section.
  2. The command returns
Installing...
Failed to complete the action.
Error 0x800704b8

This problem relates to a windows internal security database that needs to be integrity checked and possibly repaired. ** If you’re using a corporate machine that is built as part of a Windows Domain, then please check with your IS people before following these procedures, as they may alter or erase Group Policy settings that have been pushed to your machine via a Domain Controller.**

  • If you issue esentutl /g c:\windows\security\Database\secedit.sdb, this will check the security database for errors.

Check the output of that command, if it declares…

Checking database integrity.
The database is not up-to-date. This operation may find that this database is corrupt
because data from the log files has yet to be placed in the database.
  • …then the database has errors which need to be corrected before IPv6 can be installed. The following command will rebuild the Local Security database on the machine.

** THIS IS POTENTIALLY DAMAGING TO YOUR DOMAIN SETTINGS **

  • Execute “esentutl /p c:\windows\security\Database\secedit.sdb” as an Administrator user.
  • You will likely get a warning box pop up which states…
You should only run Repair on damaged or corrupted databases
  • …Hit “OK”
  • Once the command has run-trough, re-execute esentutl /g c:\windows\security\Database\secedit.sdb which should result in the following output
Integrity check successful.
Operation completed successfully in X.xxx seconds.
  • Now, you should be able to execute the ipv6 install command successfully.
  • Run ipv6 if to confirm (see above).

Configure

Once IPv6 is Installed and running, it’s time to assign IPv6 Addresses, gateways and routes.

To configure an IPv6 address, determine which of the Interfaces shown by the command ipv6 if matches the name of your main network connection under “START–Control Panel–Network Connection”, it should be called something like “Local Area Connection X” where X is a number.

  • As an example, ipv6 if on my machine shows
Interface 5: Ethernet: Local Area Connection
 Guid {3E4601A7-041B-4D5A-ACD3-B6D840BBEF39}
zones: link 5 site 2
uses Neighbor Discovery
uses Router Discovery
link-layer address: 00-16-cb-97-4a-4e
  preferred global 2404:138:4000:1::203, life infinite (manual)
  preferred link-local fe80::216:cbff:fe97:4a4e, life infinite
  multicast interface-local ff01::1, 1 refs, not reportable
  multicast link-local ff02::1, 1 refs, not reportable
  multicast link-local ff02::1:ff97:4a4e, 1 refs, last reporter
  multicast link-local ff02::1:ff00:203, 1 refs, last reporter
link MTU 1500 (true link MTU 1500)
current hop limit 128
reachable time 20000ms (base 30000ms)
retransmission interval 1000ms
DAD transmits 1
default site prefix length 48
  • To assign 2404:138:4000:1::203 to Local Area Connection 5, execute ipv6 adu 5/2404:138:4000:1::203
  • To define the default gateway for that interface, execute ipv6 rtu ::/0 5/2404:138:4000:1::2. This defines the default route (::/0) on interface 5 as being 2404:138:4000:1::2.
  • To check IPv6 routes execute netsh, then interface ipv6 and then show route.

It should show something like

Publish  Type       Met  Prefix                    Idx  Gateway/Interface Name
-------  --------  ----  ------------------------  ---  ---------------------
no       Manual       0  ::/0                        5  2404:138:4000:1::2
  • To get out of netsh, type bye

Finalise

Once you have configured IPv6 Gateway and routes, test you can ping:

  1. Your local loopback. Try ping6 ::1. This should return replies that look similar to a normal IPv4 ping response
  2. Your v6 Gateway. Try ping6 <IPv6 gateway address>. Again, we’re looking for a normal ping response.

If you are having problems pinging gateways, then it may be with the Teredo Tunneling adapter that XP & Vista installs by default. This can be disabled using the netsh command

  • At a DOS prompt, execute netsh
  • Execute interface and then execute ipv6
  • Execute set teredo disable
  • Execute bye to exit from netsh
  • Finally, ensure you have a DNS server configured that can return Ipv6 or AAAA (Quad A) records.

Mac OS X

donaldsclark 18:59, 18 June 2008 (NZST)

Configuring a static (manual) IPv6 address under Mac OS X (version 10.5.3 in this instance) should be an easy case of bringing up the Network Preferences window, choosing your preferred interface, clicking on ‘Advanced’ and then choosing the TCIP/IP pane. From this pane, there is an ability to have IPv6 off, automatically configure or manually configure.

We haven’t tried automatic configuration yet [June 2008] as we don’t have an IPv6 DHCP server setup at the office. However, we do support IPv6 – as does KAREN of course – and have an allocation of IPv6 addresses.

Unfortunately, we discovered what appears to be a bug in using the GUI to manually set a static IPv6 address configuration in OS X. Whilst you can fill out the fields in the GUI pan and they are remembered, the underlying network configuration does not appear to change.

A manual workaround has been successful.

  • Ignore the GUI – at least for setting a static address
  • From the terminal, setup your IPv6 details:
    • sudo ifconfig en0 inet6 2404:138:4000:x::xx/64
    • sudo route add -inet6 -prefixlen 0 default 2404:138:4000:x::x
    • (replace en0 with the relevant network interface you want to IPv6 enable and xx with the relevant address numbering for your machine and the default gateway)
  • From the terminal, check the details have been applied
    • ifconfig en0 | grep inet6
inet6 fe80::21f:5bff:fe84:5a2f%en0 prefixlen 64 scopeid 0x4
inet6 2404:138:4000:x::xx prefixlen 64

(note the fe80: address is the internal IPv6 address assigned by the OS. It is similar to a 10.x or 192.168.x address under IPv4)

    • netstat -r -f inet6
Internet6:
Destination        Gateway            Flags      Netif Expire
::                 2404:138:4000:x::x UGSc        en0
default            2404:138:4000:x::x UGSc        en0

Note: As this method does not use the GUI, you may find that as you switch back to other networks using the same interface you will have to reset or manually remove your default gateway.

Linux/Unix

The following instructions were developed using Ubuntu Server 7.10, and is very simple. You need to edit /etc/network/interfaces with an appropriate editor such as vi. The catch is that the following lines need to be added before the IPv4 configuration.

  iface eth(n) inet6 static
    address 2404:138:xxxx:xxxx::xxxx (static address of your host)
    netmask 64
    gateway 2404:138:xxxx:xxxx::xxxx (static address of the default router)

Once this has been saved restart the interface and use ping6 <address> to test connectivity to a remote subnet.

Automatic IPv6 address configuration – DHCP v6

Update 14 August

Unfortunately, neither Mac OS X, Windows XP, nor most default linux installs come with a DHCPv6 client (Vista may, but we’ve not checked). This means that any DNS, default routes and search paths have to be set manually.

This reflects the (to my knowledge) non-finalised protocols / standards around DHCPv6.

Mac OS X does come with the option of “automatically” configuring IPv6, but as far as we an tell, this either sets up an internal fe80: address, which will work alongside 6to4 tunnelling, but is not much use if you want to use IPv6 directly outside your current subnet. I’ve heard it may obtain a stateless IPv6 address via autoconfig from a correctly configured router. I understand Apple have quite a small networking / IP team and they have been swamped with iPhone activity recently.

Apple’s focus on IPv6 appears questionable. A report from IETF-71:

“during the Q&A session at the plenary (after the IPv6 only event), Stuart Cheshire of Apple was venting at the mike about why they should have to support yet another protocol for address assignment and other configuration info (I thought that was what stateless autoconfig was for, or something along those lines). Someone mentioned RFC 5006 to him, and he said yes, that’s most likely what they would support ..

There is a way to get a semi-functioning DHCPv6 client under OS X described here by an IETF delegate in March 2008 (great blog – lots of detail). It uses Python.

The Internet2 gurus tell me that one of the challenges is support for IPv6 ‘helpers’ (for example http://www.blackviper.com/WinXP/Services/IPv6_Helper_Service.htm).

Some community DHCP IPv6 links follow:

  • Dibbler – Dibbler is a portable DHCPv6 implementation. It supports stateful (i.e. IPv6 address granting) as well as stateless (i.e. option granting) autoconfiguration for IPv6. Supports IPv6 and WinXP.
  • dhcpv6 project – DHCPv6 is a stateful address autoconfiguration protocol for IPv6, a counterpart to IPv6 stateless address autoconfiguration protocol.
  • ISC DHCP suite – version 4 onwards supports DHCPv6

Sumber : http://wiki.karen.net.nz/index.php/IPv6

By yans008 Posted in IPv6
0