I noticed these filter rules in the MT online demo config.
I've never seen filter rules likes these before.
Is there an online database of antivirus firewall rules or announcements of new ones?
ie
add action=drop chain=virus comment="Drop Blaster Worm" dst-port=135-139 protocol=tcp
add action=drop chain=virus comment="Drop Messenger Worm" dst-port=135-139 protocol=udp
add action=drop chain=virus comment="Drop Blaster Worm" dst-port=445 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" dst-port=445 protocol=udp
add action=drop chain=virus comment=________ dst-port=593 protocol=tcp
add action=drop chain=virus comment=________ dst-port=1024-1030 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom" dst-port=1080 protocol=tcp
add action=drop chain=virus comment=________ dst-port=1214 protocol=tcp
add action=drop chain=virus comment="ndm requester" dst-port=1363 protocol=tcp
add action=drop chain=virus comment="ndm server" dst-port=1364 protocol=tcp
add action=drop chain=virus comment="screen cast" dst-port=1368 protocol=tcp
add action=drop chain=virus comment=hromgrafx dst-port=1373 protocol=tcp
add action=drop chain=virus comment=cichlid dst-port=1377 protocol=tcp
add action=drop chain=virus comment=Worm dst-port=1433-1434 protocol=tcp
add action=drop chain=virus comment="Bagle Virus" dst-port=2745 protocol=tcp
add action=drop chain=virus comment="Drop Dumaru.Y" dst-port=2283 protocol=tcp
add action=drop chain=virus comment="Drop Beagle" dst-port=2535 protocol=tcp
add action=drop chain=virus comment="Drop Beagle.C-K" dst-port=2745 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom" dst-port=3127-3128 protocol=tcp
add action=drop chain=virus comment="Drop Backdoor OptixPro" dst-port=3410 protocol=tcp
add action=drop chain=virus comment=Worm dst-port=4444 protocol=tcp
add action=drop chain=virus comment=Worm dst-port=4444 protocol=udp
add action=drop chain=virus comment="Drop Sasser" dst-port=5554 protocol=tcp
add action=drop chain=virus comment="Drop Beagle.B" dst-port=8866 protocol=tcp
add action=drop chain=virus comment="Drop Dabber.A-B" dst-port=9898 protocol=tcp
add action=drop chain=virus comment="Drop Dumaru.Y" dst-port=10000 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom.B" dst-port=10080 protocol=tcp
add action=drop chain=virus comment="Drop NetBus" dst-port=12345 protocol=tcp
add action=drop chain=virus comment="Drop Kuang2" dst-port=17300 protocol=tcp
add action=drop chain=virus comment="Drop SubSeven" dst-port=27374 protocol=tcp
add action=drop chain=virus comment="Drop PhatBot, Agobot, Gaobot" dst-port=65506 protocol=tcp
Tia
I've never seen filter rules likes these before.
Is there an online database of antivirus firewall rules or announcements of new ones?
ie
add action=drop chain=virus comment="Drop Blaster Worm" dst-port=135-139 protocol=tcp
add action=drop chain=virus comment="Drop Messenger Worm" dst-port=135-139 protocol=udp
add action=drop chain=virus comment="Drop Blaster Worm" dst-port=445 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" dst-port=445 protocol=udp
add action=drop chain=virus comment=________ dst-port=593 protocol=tcp
add action=drop chain=virus comment=________ dst-port=1024-1030 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom" dst-port=1080 protocol=tcp
add action=drop chain=virus comment=________ dst-port=1214 protocol=tcp
add action=drop chain=virus comment="ndm requester" dst-port=1363 protocol=tcp
add action=drop chain=virus comment="ndm server" dst-port=1364 protocol=tcp
add action=drop chain=virus comment="screen cast" dst-port=1368 protocol=tcp
add action=drop chain=virus comment=hromgrafx dst-port=1373 protocol=tcp
add action=drop chain=virus comment=cichlid dst-port=1377 protocol=tcp
add action=drop chain=virus comment=Worm dst-port=1433-1434 protocol=tcp
add action=drop chain=virus comment="Bagle Virus" dst-port=2745 protocol=tcp
add action=drop chain=virus comment="Drop Dumaru.Y" dst-port=2283 protocol=tcp
add action=drop chain=virus comment="Drop Beagle" dst-port=2535 protocol=tcp
add action=drop chain=virus comment="Drop Beagle.C-K" dst-port=2745 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom" dst-port=3127-3128 protocol=tcp
add action=drop chain=virus comment="Drop Backdoor OptixPro" dst-port=3410 protocol=tcp
add action=drop chain=virus comment=Worm dst-port=4444 protocol=tcp
add action=drop chain=virus comment=Worm dst-port=4444 protocol=udp
add action=drop chain=virus comment="Drop Sasser" dst-port=5554 protocol=tcp
add action=drop chain=virus comment="Drop Beagle.B" dst-port=8866 protocol=tcp
add action=drop chain=virus comment="Drop Dabber.A-B" dst-port=9898 protocol=tcp
add action=drop chain=virus comment="Drop Dumaru.Y" dst-port=10000 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom.B" dst-port=10080 protocol=tcp
add action=drop chain=virus comment="Drop NetBus" dst-port=12345 protocol=tcp
add action=drop chain=virus comment="Drop Kuang2" dst-port=17300 protocol=tcp
add action=drop chain=virus comment="Drop SubSeven" dst-port=27374 protocol=tcp
add action=drop chain=virus comment="Drop PhatBot, Agobot, Gaobot" dst-port=65506 protocol=tcp
Tia
Statistics: Posted by Gurnsy — Thu Jan 25, 2024 9:41 am