Friday, December 7, 2012

Script untuk mengahadang serangan (ARP,Ettercap , Netcut dkk ) di Mikrotik

langkah-langkahnya sebagai berikut: sebelum memulai masuk ke mikrotik sobat dahulu... 1. Masuk ke System -> Scripts 2. klik Add dan beri nama antispoofing1 3. kemudian pada kolom source isikan script di bawah ne lalu klik OK dan Run Script Script antispoofing1 : :local hosts [/ip dhcp-server lease find] :local pcname "X" :local pcnum 0 :global hacklist "" :foreach h in $hosts do={ :local host [/ip dhcp-server lease get $h host-name] :if ([:len $host] >0) do { :set pcname ($pcname . "," . $host) :set pcnum ($pcnum + 1) } } :foreach h in $pcname do={ :local hh 0 :if (!([:find $hacklist $h]>=0)) do={ :foreach k in $pcname do={ :if ($k=$h) do={:set hh ($hh + 1) } } :if ($hh>2) do={ :if ([:len $hacklist] >0) do {:set hacklist ($hacklist . "," . $h)} else={:set hacklist $h} } } } :local timer [:pick [/system clock get time] 3 5] :if (($switch > 0) || ($timer >= "58")) do={ :log warning ("New Hacklist: " . $hacklist) } 4. Ulangin langkah 2 dan beri nama antispoofing2 5. kemudian pada kolom source isikan script di bawah ne lalu klik OK dan Run Script Script antispoofing2 : # use global hacklist variable #:log info ($hacklist) :foreach host in $hacklist do={ :foreach i in= [/ip dhcp-server lease find host-name $host] do={ :local ipnum [/ip dhcp-server lease get $i address] :local unum [/ip hotspot active find address $ipnum] :if ([:len $unum] >0) do { :local usr [/ip hotspot active get $unum user] :log warning ($host . " " . $ipnum . " " . $usr) #next line kick them out right now, could also check pppoe /ip hotspot active remove $unum #other stuff can do now with the identified IP and USER } } }

0 komentar:

Post a Comment

Subscribe to: Post Comments (Atom)

Pengunjung

Followers

Featured Posts

Popular Posts

like fanspage

Copyright © Catatan Online nunung | Powered by Blogger
Design by ThemePix.com | Blogger Theme by Lasantha - Premium Blogger Templates