Powerful Ways to overcome Conficker Virus in Mikrotik
Conficker is a virus that is making dizzy the network administrator, the virus spread rapidly across the network. Conficker is actually capable in the detection by anti-virus like avira nod, kaspersky, smadav, but sometimes it comes back. Ping results were also very messy. On this occasion we would like to share our knowledge and experience applied in the network itself,. Well, let's check it out!:
Copy and paste it in Winbox via terminal or maybe via telnet directly, and just copy and paste it:
/ip firewall filter add chain=forward protocol= udp dst-port=135 action=drop comment=”Conficker” disabled=no
/ip firewall filter add chain=forward protocol= udp dst-port=137 action=drop comment=”Conficker” disabled=no
/ip firewall filter add chain=forward protocol= udp dst-port=138 action=drop comment=”Conficker” disabled=no
/ip firewall filter add chain=forward protocol= udp dst-port=445 action=drop comment=”Conficker” disabled=no
/ip firewall filter add chain=forward protocol= tcp dst-port=135 action=drop comment=”Conficker” disabled=no
/ip firewall filter add chain=forward protocol= tcp dst-port=139 action=drop comment=”Conficker” disabled=no
/ip firewall filter add chain=forward protocol= tcp dst-port=5933 action=drop comment=”Conficker” disabled=no
/ip firewall filter add chain=forward protocol= tcp dst-port=445 action=drop comment=”Conficker” disabled=no
/ip firewall filter add chain=forward protocol= tcp dst-port=4691 action=drop comment=”Conficker” disabled=no
Additional .. to strengthen your Mikrotik rule agains to confickers virus. you should also add the above ports entered in the Web Proxy Direct, as shown below :
well.. good luck