常見病毒的ACL
責編:admin |2015-02-11 11:34:43當今社會,在IT界,網絡安全尤為重要,還記得前段時間大家的QQ被盜,引發了一系列事故,我的QQ號也被盜,黑客用我的QQ號給我的好友發欺騙信息,導致很多朋友上當受騙。當然,設備的安全同樣重要,去年,我們公司的設備密碼被人破解,導致數據的丟失,由此影響了很多客戶。所以,我在網上找了一些常用的命令總結了下,大家可以看下:
創建ACL
[zydx]acl name jiajia 2001
禁ping
rule deny icmp source any destination any
用于控制Blaster蠕蟲的傳播
rule deny udp source any destination any destination-port eq 69
rule deny tcp source any destination any destination-port eq 4444
用于控制沖擊波病毒的掃描和攻擊
rule deny tcp source any destination any destination-port eq 135
rule deny udp source any destination any destination-port eq 135
rule deny udp source any destination any destination-port eq netbios-ns
rule deny udp source any destination any destination-port eq netbios-dgm
rule deny tcp source any destination any destination-port eq 139
rule deny udp source any destination any destination-port eq 139
rule deny tcp source any destination any destination-port eq 445
rule deny udp source any destination any destination-port eq 445
rule deny udp source any destination any destination-port eq 593
rule deny tcp source any destination any destination-port eq 593
用于控制振蕩波的掃描和攻擊
rule deny tcp source any destination any destination-port eq 445
rule deny tcp source any destination any destination-port eq 5554
rule deny tcp source any destination any destination-port eq 9995
rule deny tcp source any destination any destination-port eq 9996
用于控制 Worm_MSBlast.A 蠕蟲的傳播
rule deny udp source any destination any destination-port eq 1434
下面的不出名的病毒端口號 (可以不作)
rule deny tcp source any destination any destination-port eq 1068
rule deny tcp source any destination any destination-port eq 5800
rule deny tcp source any destination any destination-port eq 5900
rule deny tcp source any destination any destination-port eq 10080
rule deny tcp source any destination any destination-port eq 455
rule deny udp source any destination any destination-port eq 455
rule deny tcp source any destination any destination-port eq 3208
rule deny tcp source any destination any destination-port eq 1871
rule deny tcp source any destination any destination-port eq 4510
rule deny udp source any destination any destination-port eq 4334
rule deny tcp source any destination any destination-port eq 4331
rule deny tcp source any destination any destination-port eq 4557
下一篇:入侵思路入侵思路