Page 1 of 1

virus scanner

Posted: Wed Jun 28, 2006 10:58 am
by cylent
is there a virus scanner addon or some way i can incorporate it with routeros so my clients dont get viruses?

Posted: Wed Jun 28, 2006 11:00 am
by Eugene
No.

Nothing will help you more than educating your clients.

Eugene

Posted: Wed Jun 28, 2006 11:22 am
by cylent
No.

Nothing will help you more than educating your clients.

Eugene
ya. thats like beating my head on the wall.

its sad with all the power of RouterOS theres no virus scanner addon.

Posted: Wed Jun 28, 2006 11:52 am
by kapulan
You can drop the virus by port!
Show the example:

add chain=forward action=jump jump target=virus
add chain=virus protocol=tcp dst-port=135-139 action=drop comment="Drop Blaster Worm"
add chain=virus protocol=udp dst-port=135-139 action=drop comment="Drop Messenger Worm"
add chain=virus protocol=tcp dst-port=445 action=drop comment="Drop Blaster Worm"
add chain=virus protocol=udp dst-port=445 action=drop comment="Drop Blaster Worm"
add chain=virus protocol=tcp dst-port=593 action=drop comment="________"
add chain=virus protocol=tcp dst-port=1024-1030 action=drop comment="________"
add chain=virus protocol=tcp dst-port=1080 action=drop comment="Drop MyDoom"
add chain=virus protocol=tcp dst-port=1214 action=drop comment="________"
add chain=virus protocol=tcp dst-port=1363 action=drop comment="ndm requester"
add chain=virus protocol=tcp dst-port=1364 action=drop comment="ndm server"
add chain=virus protocol=tcp dst-port=1368 action=drop comment="screen cast"
add chain=virus protocol=tcp dst-port=1373 action=drop comment="hromgrafx"
add chain=virus protocol=tcp dst-port=1377 action=drop comment="cichlid"
add chain=virus protocol=tcp dst-port=1433-1434 action=drop comment="Worm"
add chain=virus protocol=tcp dst-port=2745 action=drop comment="Bagle Virus"
add chain=virus protocol=tcp dst-port=2283 action=drop comment="Drop Dumaru.Y"
add chain=virus protocol=tcp dst-port=2535 action=drop comment="Drop Beagle"
add chain=virus protocol=tcp dst-port=2745 action=drop comment="Drop Beagle.C-K"
add chain=virus protocol=tcp dst-port=3127-3128 action=drop comment="Drop MyDoom"
add chain=virus protocol=tcp dst-port=3410 action=drop comment="Drop Backdoor OptixPro"
add chain=virus protocol=tcp dst-port=4444 action=drop comment="Worm"
add chain=virus protocol=udp dst-port=4444 action=drop comment="Worm"
add chain=virus protocol=tcp dst-port=5554 action=drop comment="Drop Sasser"
add chain=virus protocol=tcp dst-port=8866 action=drop comment="Drop Beagle.B"
add chain=virus protocol=tcp dst-port=9898 action=drop comment="Drop Dabber.A-B"
add chain=virus protocol=tcp dst-port=10000 action=drop comment="Drop Dumaru.Y"
add chain=virus protocol=tcp dst-port=10080 action=drop comment="Drop MyDoom.B"
add chain=virus protocol=tcp dst-port=12345 action=drop comment="Drop NetBus"
add chain=virus protocol=tcp dst-port=17300 action=drop comment="Drop Kuang2"
add chain=virus protocol=tcp dst-port=27374 action=drop comment="Drop SubSeven"
add chain=virus protocol=tcp dst-port=65506 action=drop comment="Drop PhatBot, Agobot, Gaobot"
add chain=virus action=return
The os can not powerfull viruscan!

Posted: Wed Jun 28, 2006 12:05 pm
by sergejs
Yes, given firewall rules drop only packets over certain port numbers.

Posted: Wed Jun 28, 2006 12:38 pm
by janisk
you can try to incorporate virusscaning server. but remember - you cannot check encypted traffic, that can too be malicous.

so there is nothing you can realy do to protect your customers 100% from virus attacks.

and RouterOS is powerfull while talking about routing and firewalling - this is what it is ment for.

Posted: Wed Jun 28, 2006 9:37 pm
by csickles
Drop a message to sales 'at' software-routers.com
I will get you in touck with some one that can help..

I have some ideas as well as a source for them..

Things that make you go "Hmmmmmm...."

Posted: Thu Jun 29, 2006 10:24 am
by djape
Why the hell you need virus scanner? That way you could lose control of what's going on in router!
I hope MT guys will not take this request in to consideration.

Cheers...

Posted: Thu Jun 29, 2006 10:38 am
by savage
Ahmen, djape. It's not the job of a router to do virus scanning... Tell your clients to get AV software instead.

Posted: Thu Jun 29, 2006 11:59 am
by normis
Router is NOT a virus scanner. Do you ask your washing mashine to show you some TV ?

Posted: Thu Jun 29, 2006 12:16 pm
by janisk
what about fridge :) :roll:

let the router do the routing, but virus cacheing leave to other

Posted: Mon Jul 03, 2006 2:32 pm
by samsoft08
a washing machine showing TV !!!!! nice idea ..
what about a device making phone call , taking photos , video , web browsing , games playing , TV , radio , video call , etc etc etc ........ ??

Posted: Mon Jul 03, 2006 2:35 pm
by samsoft08
سايلنت ........ انت وين بالعراق ؟؟؟ اني بالعراق - بغداد ... samsoft08 at yahoo.com

Posted: Mon Jul 03, 2006 4:55 pm
by cibernet
سايلنت ........ انت وين بالعراق ؟؟؟ اني بالعراق - بغداد ... samsoft08 at yahoo.com
:roll:

Posted: Mon Jul 03, 2006 11:53 pm
by samsoft08
its arabic , i'm talking with cylent sorry guys :D

Posted: Wed Jul 05, 2006 12:53 am
by kapulan
Show te website:
http://www.onctek.com/trojanports.html
More trojan port!

Posted: Thu Jul 06, 2006 12:33 am
by samsoft08
Show te website:
http://www.onctek.com/trojanports.html
More trojan port!
it was a great help ..... thanks a lot..

Hello All

Posted: Fri Jul 07, 2006 8:30 am
by Riyad
Router is NOT a virus scanner. Do you ask your washing mashine to show you some TV ?
That sound is preety good. :)