ip firewall filter add action=drop chain=tcp-viruses comment="Socks Des Troie, Death" disabled=no dst-port=1-2 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Agent 31, Hacker's Paradise, Agent 40421" disabled=no dst-port=30-31 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=37 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Deep Throat Fore play" disabled=no dst-port=41 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=DRAT disabled=no dst-port=48 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=DRAT disabled=no dst-port=50 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="DM Setup" disabled=no dst-port=58 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="DM Setup" disabled=no dst-port=59 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.Evala.Worm disabled=no dst-port=69 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.Evala.Worm disabled=no dst-port=70 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="CDK, Firehotcker" disabled=no dst-port=79 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Beagle.S RemoconChubo" disabled=no dst-port=81 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=85 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=86 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=87 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=88 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=89 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=90 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Common Port for phishing scam sites, Hiddenport, NCX" disabled=no dst-port=99 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojansusethis port , Invisible Identd Deamon, Kazimas" disabled=no dst-port=113 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Happy99 disabled=no dst-port=119 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Jammer Killah, Attack Bot, God Message" disabled=no dst-port=121 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Password Generator Protocol" disabled=no dst-port=129 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Farnaz disabled=no dst-port=133 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=135 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=136 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=137 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=138 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=139 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=NetTaxi disabled=no dst-port=142 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Infector 1.3" disabled=no dst-port=146 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=A.Trojan disabled=no dst-port=170 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.Rotor disabled=no dst-port=382 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backage disabled=no dst-port=334 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backage disabled=no dst-port=411 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="W32.kibuv.b, Breach, Incognito, tcp Wrappers" disabled=no dst-port=420 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="W32.kibuv.b, Breach, Incognito, tcp Wrappers" disabled=no dst-port=421 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port= 445 in-interface=!ether-local protocol=tcp src-address-list=!pura-local
ip firewall filter add action=drop chain=tcp-viruses comment="Fatal Connections - Hacker's Paradise" disabled=no dst-port=455 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Fatal Connections - Hacker's Paradise" disabled=no dst-port=456 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Hacker's Paradise" disabled=no dst-port=456 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Grlogin, RPC backDoor" disabled=no dst-port=513 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Grlogin, RPC backDoor" disabled=no dst-port=514 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.kibuv.worm disabled=no dst-port=530 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Rasmin, Net666" disabled=no dst-port=531 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Stealth Spy, Phaze, 7-11 Trojan, Ini-Killer, Phase Zero, Phase-0" disabled=no dst-port=555 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=559 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Sober worm Variants" disabled=no dst-port=587 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="W.32.Sasser worm" disabled=no dst-port=593 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Secret Service" disabled=no dst-port=605 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Attack FTP, Back Construction, BLA Trojan, NokNok, satans" disabled=no dst-port=666 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=SnipperNet disabled=no dst-port=667 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Dp Trojan" disabled=no dst-port=669 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=GayOL disabled=no dst-port=692 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="BackDoor.Netcrack.B - AimSpy" disabled=no dst-port=777 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="BackDoor.Netcrack.B - AimSpy" disabled=no dst-port=778 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=WinHole disabled=no dst-port=808 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Common Port for phishing scam sites" disabled=no dst-port=880 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Devil disabled=no dst-port=901 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Devil disabled=no dst-port=902 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Dark Shadow" disabled=no dst-port=911 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=999 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=1000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=1001 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Doly Trojan" disabled=no dst-port=1011 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Doly Trojan" disabled=no dst-port=1012 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Doly Trojan" disabled=no dst-port=1013 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Doly Trojan" disabled=no dst-port=1014 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Doly Trojan" disabled=no dst-port=1015 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Doly Trojan" disabled=no dst-port=1016 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Vampire disabled=no dst-port=1020 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.lingosky disabled=no dst-port=1024 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.lingosky disabled=no dst-port=1025 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="NetSpy, Multidropper" disabled=no dst-port=1033 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="NetSpy, Multidropper" disabled=no dst-port=1034 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="NetSpy, Multidropper" disabled=no dst-port=1035 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Bla disabled=no dst-port=1042 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Rasmin disabled=no dst-port=1045 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="/sbin/initd - MiniCommand" disabled=no dst-port=1049 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="/sbin/initd - MiniCommand" disabled=no dst-port=1050 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="The Thief, AckCmd" disabled=no dst-port=1053 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="The Thief, AckCmd" disabled=no dst-port=1054 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Backdoor.Zagaban, WinHole" disabled=no dst-port=1080 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Backdoor.Zagaban, WinHole" disabled=no dst-port=1081 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Backdoor.Zagaban, WinHole" disabled=no dst-port=1082 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Backdoor.Zagaban, WinHole" disabled=no dst-port=1083 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Xtreme disabled=no dst-port=1090 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="RAT, Blood Fest Evoltion" disabled=no dst-port=1095 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="RAT, Blood Fest Evoltion" disabled=no dst-port=1096 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="RAT, Blood Fest Evoltion" disabled=no dst-port=1097 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="RAT, Blood Fest Evoltion" disabled=no dst-port=1098 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="RAT, Blood Fest Evoltion" disabled=no dst-port=1099 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=1111 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Orion disabled=no dst-port=1150 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Orion disabled=no dst-port=1151 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Psyber Stream Server" disabled=no dst-port=1170 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=SoftWAR,Infector disabled=no dst-port=1207 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=SoftWAR,Infector disabled=no dst-port=1208 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Kaos disabled=no dst-port=1212 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Sazo disabled=no dst-port=1218 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=1234 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Sub Seven" disabled=no dst-port=1243 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="VooDoo Doll" disabled=no dst-port=1245 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Scarab, Project next" disabled=no dst-port=1255 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Scarab, Project next" disabled=no dst-port=1256 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Maverick's Matrix" disabled=no dst-port=1269 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="The Matrix" disabled=no dst-port=1272 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=NETrojan disabled=no dst-port=1313 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Millenium Worm" disabled=no dst-port=1338 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Bo dll" disabled=no dst-port=1349 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="GoFriller, Backdoor G-1" disabled=no dst-port=1394 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=w32.spybot.ofn disabled=no dst-port=1433 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="remote Storm" disabled=no dst-port=1441 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=FTP99CMP disabled=no dst-port=1492 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="FunkProxy " disabled=no dst-port=1505 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Psyber Streaming server" disabled=no dst-port=1509 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Trinoo disabled=no dst-port=1524 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Remote Hack" disabled=no dst-port=1568 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Backdoor.Miffice, Bize.Worm" disabled=no dst-port=1533 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Backdoor.Miffice, Bize.Worm" disabled=no dst-port=1534 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Shivka-Burka, Direct Connection" disabled=no dst-port=1600 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="ICA Browser" disabled=no dst-port=1604 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Exploiter disabled=no dst-port=1703 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Scarab disabled=no dst-port=1777 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Loxbot.d disabled=no dst-port=1751 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.NetControle disabled=no dst-port=1772 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=SpySender disabled=no dst-port=1807 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=1863 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Fake FTP. WM FTP Server" disabled=no dst-port=1966 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Fake FTP. WM FTP Server" disabled=no dst-port=1967 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Shockrave, Bowl" disabled=no dst-port=1981 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="OpC BO" disabled=no dst-port=1969 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=1999 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=2000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=2001 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=2002 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=2003 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=2004 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=2005 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Ripper disabled=no dst-port=2023 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.korgo.a disabled=no dst-port=2041 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Backdoor.TJServ - WinHole" disabled=no dst-port=2080 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Expjan disabled=no dst-port=2090 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Bugs disabled=no dst-port=2115 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Deep Throat" disabled=no dst-port=2140 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Illusion Mailer" disabled=no dst-port=2155 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Nirvana disabled=no dst-port=2255 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Hvl RAT, Dumaru" disabled=no dst-port=2283 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Xplorer disabled=no dst-port=2300 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Studio 54" disabled=no dst-port=2311 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=backdoor.shellbot disabled=no dst-port=2322 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="backdoor.shellbot, Eyeveg.worm.c, contact" disabled=no dst-port=2330 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="backdoor.shellbot, Eyeveg.worm.c, contact" disabled=no dst-port=2331 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="backdoor.shellbot, Eyeveg.worm.c, contact" disabled=no dst-port=2332 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="backdoor.shellbot, Eyeveg.worm.c, contact" disabled=no dst-port=2333 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="backdoor.shellbot, Eyeveg.worm.c, contact" disabled=no dst-port=2334 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="backdoor.shellbot, Eyeveg.worm.c, contact" disabled=no dst-port=2335 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="backdoor.shellbot, Eyeveg.worm.c, contact" disabled=no dst-port=2336 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="backdoor.shellbot, Eyeveg.worm.c, contact" disabled=no dst-port=2337 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="backdoor.shellbot, Eyeveg.worm.c, contact" disabled=no dst-port=2338 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="backdoor.shellbot, Eyeveg.worm.c, contact" disabled=no dst-port=2339 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=vbs.shania disabled=no dst-port=2414 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Beagle.N disabled=no dst-port=2556 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Striker disabled=no dst-port=2565 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=WinCrash disabled=no dst-port=2583 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="The Prayer 1.2 -1.3" disabled=no dst-port=2716 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Phase Zero" disabled=no dst-port=2721 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Beagle.J disabled=no dst-port=2745 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.hllw.deadhat.b disabled=no dst-port=2766 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=SubSeven disabled=no dst-port=2773 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=SubSeven disabled=no dst-port=2774 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Phineas Phucker" disabled=no dst-port=2801 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Brador.A disabled=no dst-port=2989 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Remote Shut" disabled=no dst-port=3000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=WinCrash disabled=no dst-port=3024 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Wortbot disabled=no dst-port=3028 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="W32.Mytob.cz@mm, MicroSpy" disabled=no dst-port=3030 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="W32.Mytob.cz@mm, MicroSpy" disabled=no dst-port=3031 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.korgo.a disabled=no dst-port=3067 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.HLLW.Dax disabled=no dst-port=3256 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Nemog.D disabled=no dst-port=3306 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=3332 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=w32.Mytob.kp@MM disabled=no dst-port=3385 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.mockbot.a.worm disabled=no dst-port=3410 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Backdoor.Fearic, Terror Trojan" disabled=no dst-port=3456 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Eclipse 2000" disabled=no dst-port=3459 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Amitis.B disabled=no dst-port=3547 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Portal of Doom" disabled=no dst-port=3700 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.helios disabled=no dst-port=3737 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=PsychWard disabled=no dst-port=3777 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Eclypse disabled=no dst-port=3791 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Eclypse disabled=no dst-port=3801 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=SkyDance,Backdoor.OptixPro.13.C disabled=no dst-port=4000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=SkyDance,Backdoor.OptixPro.13.C disabled=no dst-port=4001 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=WinCrash disabled=no dst-port=4092 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.rcserv disabled=no dst-port=4128 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Backdoor.Nemog.D - Virtual Hacking Machine" disabled=no dst-port=4242 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.smokodoor disabled=no dst-port=4300 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=BoBo disabled=no dst-port=4321 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Phatbot disabled=no dst-port=4387 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=4444 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.mytob.db disabled=no dst-port=4512 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="File Nail" disabled=no dst-port=4567 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="ICQ Trojan" disabled=no dst-port=4590 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Nemog.D disabled=no dst-port=4646 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Nemog.D disabled=no dst-port=4661 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Beagle.U disabled=no dst-port=4751 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.tuxder disabled=no dst-port=4820 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.Opanki disabled=no dst-port=4888 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.RaHack disabled=no dst-port=4899 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Common Port for phishing scam sites" disabled=no dst-port=4903 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="ICQ Trogen" disabled=no dst-port=4950 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Sokets de Trois v1./Bubbel, cd00r" disabled=no dst-port=5000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Sokets de Trois v1./Bubbel, cd00r" disabled=no dst-port=5001 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Sokets de Trois v1./Bubbel, cd00r" disabled=no dst-port=5002 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Solo,Ootlt disabled=no dst-port=5010 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Solo,Ootlt disabled=no dst-port=5011 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="WM Remote Keylogger" disabled=no dst-port=5025 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Net Metropolitan 1.0" disabled=no dst-port=5031 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Net Metropolitan 1.0" disabled=no dst-port=5032 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.laphex.client disabled=no dst-port=5152 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=5190 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Firehotcker disabled=no dst-port=5321 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Baackage,NetDemon disabled=no dst-port=5333 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="WC Remote Administration Tool" disabled=no dst-port=5343 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Blade Runner" disabled=no dst-port=5400 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Blade Runner" disabled=no dst-port=5401 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Blade Runner" disabled=no dst-port=5402 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Backdoor.DarkSky.B, Backconstruction" disabled=no dst-port=5418 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Backdoor.DarkSky.B, Backconstruction" disabled=no dst-port=5419 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Xtcp, Illusion Mailer" disabled=no dst-port=5512 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="The Flu" disabled=no dst-port=5534 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=5550 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=5551 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=5552 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=5553 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=5554 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=5555 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=5556 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=5557 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=5558 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Robo-Hack disabled=no dst-port=5569 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.EasyServ disabled=no dst-port=5588 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="PC Crasher" disabled=no dst-port=5637 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="PC Crasher" disabled=no dst-port=5638 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=WinCrash disabled=no dst-port=5714 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=WinCrash disabled=no dst-port=5741 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=WinCrash disabled=no dst-port=5742 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Portmap Remote Root Linux Exploit" disabled=no dst-port=5760 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Evivinc disabled=no dst-port=5800 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Y3K RAT" disabled=no dst-port=5880 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Y3K RAT" disabled=no dst-port=5882 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Y3K RAT" disabled=no dst-port=5888 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Y3K RAT" disabled=no dst-port=5889 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Evivinc disabled=no dst-port=5900 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=LovGate.ak disabled=no dst-port=6000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Bad Blood" disabled=no dst-port=6006 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.mockbot.a.worm disabled=no dst-port=6129 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Common Port for phishing scam sites" disabled=no dst-port=6180 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Trojan.Tilser disabled=no dst-port=6187 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Secret Service" disabled=no dst-port=6272 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="The Thing" disabled=no dst-port=6400 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Nemog.D disabled=no dst-port=6565 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=backdoor.sdbot.ag disabled=no dst-port=6631 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="TEMan, Weia-Meia" disabled=no dst-port=6661 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Netbus Worm, winSATAN, Dark FTP, Schedule Agent" disabled=no dst-port=6666 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Netbus Worm, winSATAN, Dark FTP, Schedule Agent" disabled=no dst-port=6667 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Vampyre, Deep Throat" disabled=no dst-port=6669 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Vampyre, Deep Throat" disabled=no dst-port=6670 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Vampyre, Deep Throat" disabled=no dst-port=6671 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Sub Seven, Backdoor.G" disabled=no dst-port=6711 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Sub Seven, Backdoor.G" disabled=no dst-port=6712 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Sub Seven, Backdoor.G" disabled=no dst-port=6713 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Mstream attack-handler" disabled=no dst-port=6723 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Deep Throat" disabled=no dst-port=6771 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Sub Seven, Backdoor.G, W32/Bagle@MM" disabled=no dst-port=6776 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Sub Seven, Backdoor.G, W32/Bagle@MM" disabled=no dst-port=6777 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=NetSky.U disabled=no dst-port=6789 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Delta source DarkStar" disabled=no dst-port=6883 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Shxt Heap " disabled=no dst-port=6912 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Indoctrination disabled=no dst-port=6939 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=6969 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Gate Crasher" disabled=no dst-port=6970 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="w32.mytob.mx@mm, Remote Grab, exploit translation server, kazimas, remote grab" disabled=no dst-port=7000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="w32.mytob.mx@mm, Remote Grab, exploit translation server, kazimas, remote grab" disabled=no dst-port=7001 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Unknown Trojan" disabled=no dst-port=7028 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.Spybot.ycl disabled=no dst-port=7043 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=SubSeven disabled=no dst-port=7215 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Net Monitor" disabled=no dst-port=7300 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Net Monitor" disabled=no dst-port=7301 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Net Monitor" disabled=no dst-port=7302 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Net Monitor" disabled=no dst-port=7303 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Net Monitor" disabled=no dst-port=7304 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Net Monitor" disabled=no dst-port=7305 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Net Monitor" disabled=no dst-port=7306 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Net Monitor" disabled=no dst-port=7307 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Net Monitor" disabled=no dst-port=7308 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.netshadow disabled=no dst-port=7329 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.phoenix disabled=no dst-port=7410 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Host Control" disabled=no dst-port=7424 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="QaZ -Remote Access Trojan" disabled=no dst-port=7597 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.GRM disabled=no dst-port=7614 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Glacier disabled=no dst-port=7626 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=backdoor.nodelm disabled=no dst-port=7740 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=backdoor.nodelm disabled=no dst-port=7741 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=backdoor.nodelm disabled=no dst-port=7742 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=backdoor.nodelm disabled=no dst-port=7743 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=backdoor.nodelm disabled=no dst-port=7744 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=backdoor.nodelm disabled=no dst-port=7745 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=backdoor.nodelm disabled=no dst-port=7746 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=backdoor.nodelm disabled=no dst-port=7747 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=backdoor.nodelm disabled=no dst-port=7748 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=backdoor.nodelm disabled=no dst-port=7749 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="GodMessaage, Tini" disabled=no dst-port=7777 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=ICKiller disabled=no dst-port=7789 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Amitis.B disabled=no dst-port=7823 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="The ReVeNgEr" disabled=no dst-port=7891 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.kibuv.b disabled=no dst-port=7955 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Mstream disabled=no dst-port=7983 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=w32.mytob.lz@mm disabled=no dst-port=7999 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=w32.mytob.lz@mm disabled=no dst-port=8000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Ptakks.b disabled=no dst-port=8012 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="W32.Spybot.pen " disabled=no dst-port=8076 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=8081 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Asniffer disabled=no dst-port=8090 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.PejayBot disabled=no dst-port=8126 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="BackOrifice 2000" disabled=no dst-port=8787 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Monator disabled=no dst-port=8811 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Beagle.B@mm disabled=no dst-port=8866 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="BackOrifice 2000" disabled=no dst-port=8879 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.Axatak disabled=no dst-port=8888 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.Axatak disabled=no dst-port=8889 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="BackHack - Rcon, Recon, Xcon" disabled=no dst-port=8988 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="BackHack - Rcon, Recon, Xcon" disabled=no dst-port=8989 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="W32.randex.ccf - netministrator" disabled=no dst-port=9000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.nibu.k disabled=no dst-port=9125 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=InCommand disabled=no dst-port=9400 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.kibuv.worm disabled=no dst-port=9604 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.gholame disabled=no dst-port=9696 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.gholame disabled=no dst-port=9697 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="BackDoor.RC3.B, Portal of Doom" disabled=no dst-port=9872 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="BackDoor.RC3.B, Portal of Doom" disabled=no dst-port=9873 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="BackDoor.RC3.B, Portal of Doom" disabled=no dst-port=9874 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="BackDoor.RC3.B, Portal of Doom" disabled=no dst-port=9875 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="BackDoor.RC3.B, Portal of Doom" disabled=no dst-port=9876 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="BackDoor.RC3.B, Portal of Doom" disabled=no dst-port=9877 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="BackDoor.RC3.B, Portal of Doom" disabled=no dst-port=9878 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=9898-10002 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=iNi-Killer disabled=no dst-port=9989 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="W.32.Sasser Worm" disabled=no dst-port=9996 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="The Prayer" disabled=no dst-port=9999 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=OpwinTRojan disabled=no dst-port=10000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=OpwinTRojan disabled=no dst-port=10005 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Cheese worm" disabled=no dst-port=10008 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=w32.mytob.jw@mm disabled=no dst-port=10027 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Portal of Doom" disabled=no dst-port=10067 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Mydoom.B disabled=no dst-port=10080 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="backdoor.ranky.o, backdoor.staprew,backdoor.tuimer, gift trojan, brainspy, silencer" disabled=no dst-port=10100 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="backdoor.ranky.o, backdoor.staprew,backdoor.tuimer, gift trojan, brainspy, silencer" disabled=no dst-port=10101 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="backdoor.ranky.o, backdoor.staprew,backdoor.tuimer, gift trojan, brainspy, silencer" disabled=no dst-port=10102 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="backdoor.ranky.o, backdoor.staprew,backdoor.tuimer, gift trojan, brainspy, silencer" disabled=no dst-port=10103 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Acid Shivers" disabled=no dst-port=10520 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Coma disabled=no dst-port=10607 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Ambush disabled=no dst-port=10666 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Senna Spy" disabled=no dst-port=11000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Host Control" disabled=no dst-port=11050 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Host Control" disabled=no dst-port=11051 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Progenic Trojan - Secret Agent" disabled=no dst-port=11223 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Dipnet / oddBob Trojan" disabled=no dst-port=11768 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Latinus Server" disabled=no dst-port=11831 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Satancrew disabled=no dst-port=12000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Berbew.j disabled=no dst-port=12065 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=GJamer disabled=no dst-port=12076 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Hack'99, KeyLogger" disabled=no dst-port=12223 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Netbus, Ultor's Trojan" disabled=no dst-port=12345 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Netbus, Ultor's Trojan" disabled=no dst-port=12346 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Whack-a-Mole disabled=no dst-port=12361-12363 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=NetBus disabled=no dst-port=12456 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Whack Job" disabled=no dst-port=12631 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Eclypse 2000" disabled=no dst-port=12701 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Mstream attack-handler" disabled=no dst-port=12754 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Senna Spy" disabled=no dst-port=13000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Amitis.B disabled=no dst-port=13173 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.Sober.D disabled=no dst-port=13468 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Kuang2 the Virus" disabled=no dst-port=13700 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Trojan.Mitglieder.h disabled=no dst-port=14247 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Mstream attack-handler" disabled=no dst-port=15104 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Dipnet / oddBob Trojan" disabled=no dst-port=15118 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Cyn disabled=no dst-port=15432 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Lastdoor disabled=no dst-port=16322 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Mosucker disabled=no dst-port=16484 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Backdoor.Haxdoor.D - Stacheldraht" disabled=no dst-port=16660 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Backdoor.Haxdoor.D - Stacheldraht" disabled=no dst-port=16661 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=16959 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Kuang2.B Trojan" disabled=no dst-port=17300 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.Imav.a disabled=no dst-port=17940 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Gaster disabled=no dst-port=19937 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Millennium - AcidkoR" disabled=no dst-port=20000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Millennium - AcidkoR" disabled=no dst-port=20001 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Millennium - AcidkoR" disabled=no dst-port=20002 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="NetBus 2 Pro" disabled=no dst-port=20034 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Chupacabra disabled=no dst-port=20203 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Bla Trojan" disabled=no dst-port=20331 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Shaft Client to handlers" disabled=no dst-port=20432 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Shaft Client to handlers" disabled=no dst-port=20433 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Trojan.Adnap disabled=no dst-port=20480 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Trojan.Mitglieder.E disabled=no dst-port=20742 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.dasher.b disabled=no dst-port=21211 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Exploiter - Kid Terror - Schwndler - Winsp00fer" disabled=no dst-port=21554 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Prosiak - Ruler - Donald Dick - RUX The TIc.K" disabled=no dst-port=22222 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Simali disabled=no dst-port=22311 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor-ADM disabled=no dst-port=22784 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.hllw.nettrash disabled=no dst-port=23005 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.hllw.nettrash disabled=no dst-port=23006 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=backdoor.berbew.j disabled=no dst-port=23232 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Trojan.Framar disabled=no dst-port=23435 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Donald Dick" disabled=no dst-port=23476 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Donald Dick" disabled=no dst-port=23477 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=w32.mytob.km@mm disabled=no dst-port=23523 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Delta Source" disabled=no dst-port=26274 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.optix.04 disabled=no dst-port=27379 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Sub-7 2.1" disabled=no dst-port=27573 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Trin00 DoS Attack" disabled=no dst-port=27665 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Sdbot.ai disabled=no dst-port=29147 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.NTHack disabled=no dst-port=29292 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Latinus Server" disabled=no dst-port=29559 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="The Unexplained" disabled=no dst-port=29891 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Antilam.20 disabled=no dst-port=29999 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="AOL Trojan" disabled=no dst-port=30029 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=NetSphere disabled=no dst-port=30100 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=NetSphere disabled=no dst-port=30101 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=NetSphere disabled=no dst-port=30102 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=NetSphere disabled=no dst-port=30103 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="NetSphere Final" disabled=no dst-port=30133 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Sockets de Troi" disabled=no dst-port=30303 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Kuang2 disabled=no dst-port=30999 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=31335 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=31336 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=31337 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=31338 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=31339 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=BOWhack disabled=no dst-port=31666 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Hack'a'Tack" disabled=no dst-port=31785 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Hack'a'Tack" disabled=no dst-port=31786 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Hack'a'Tack" disabled=no dst-port=31787 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Hack'a'Tack" disabled=no dst-port=31788 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Hack'a'Tack" disabled=no dst-port=31789 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Hack'a'Tack" disabled=no dst-port=31790 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Hack'a'Tack" disabled=no dst-port=31791 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Hack'a'Tack" disabled=no dst-port=31792 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=backdoor.berbew.j disabled=no dst-port=32121 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Acid Battery" disabled=no dst-port=32418 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Alets.B disabled=no dst-port=32440 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Trinity Trojan" disabled=no dst-port=33270 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=trojan.lodeight.b disabled=no dst-port=33322 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Prosiak disabled=no dst-port=33333 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Spirit 2001 a" disabled=no dst-port=33911 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="BigGluck, TN" disabled=no dst-port=34324 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Lifefournow disabled=no dst-port=36183 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Yet Another Trojan" disabled=no dst-port=37651 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=39999 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="The Spy" disabled=no dst-port=40412 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Agent 40421 - Masters Paradise" disabled=no dst-port=40421 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Agent 40421 - Masters Paradise" disabled=no dst-port=40422 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Agent 40421 - Masters Paradise" disabled=no dst-port=40423 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Agent 40421 - Masters Paradise" disabled=no dst-port=40424 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Agent 40421 - Masters Paradise" disabled=no dst-port=40425 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Agent 40421 - Masters Paradise" disabled=no dst-port=40426 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Master's Paradise" disabled=no dst-port=43210 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Amitis.B disabled=no dst-port=44280 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Amitis.B disabled=no dst-port=44390 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Delta Source" disabled=no dst-port=47252 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Amitis.B disabled=no dst-port=47387 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.antilam.20 disabled=no dst-port=47891 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Sokets de Trois v2." disabled=no dst-port=50505 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Fore disabled=no dst-port=50776 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Cyn disabled=no dst-port=51234 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=W32.kalel.a@mm disabled=no dst-port=51435 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Remote Windows Shutdown" disabled=no dst-port=53001 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="subSeven -Subseven 2.1 Gold" disabled=no dst-port=54283 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port " disabled=no dst-port=54320 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port " disabled=no dst-port=54321 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="WM Trojan Generator - File manager Trojan" disabled=no dst-port=55165 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="WM Trojan Generator - File manager Trojan" disabled=no dst-port=55166 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Backdoor.Osirdoor disabled=no dst-port=56565 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="NetRaider Trojan" disabled=no dst-port=57341 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=BackDoor.Tron disabled=no dst-port=58008 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=BackDoor.Tron disabled=no dst-port=58009 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Butt Funnel" disabled=no dst-port=58339 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=BackDoor.Redkod disabled=no dst-port=58666 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=BackDoor.DuckToy disabled=no dst-port=59211 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Deep Throat" disabled=no dst-port=60000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Trinity" disabled=no dst-port=60001 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Trojan.Fulamer.25" disabled=no dst-port=60006 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Xzip 6000068" disabled=no dst-port=60068 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Connection" disabled=no dst-port=60411 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Backdoor.mite" disabled=no dst-port=61000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Bunker-Hill Trojan" disabled=no dst-port=61348 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Telecommando" disabled=no dst-port=61466 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Bunker-Hill Trojan" disabled=no dst-port=61603 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Bunker-Hill Trojan" disabled=no dst-port=63485 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Phatbot, W32.hllw.gaobot.dk" disabled=no dst-port=63808 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Phatbot, W32.hllw.gaobot.dk" disabled=no dst-port=63809 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment=Taskmin disabled=no dst-port=64101 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Backdoor.Amitis.B" disabled=no dst-port=64429 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=65000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Eclypse" disabled=no dst-port=65390 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Jade" disabled=no dst-port=65421 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="The Traitor (th3tr41t0r)" disabled=no dst-port=65432 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Phatbot" disabled=no dst-port=65506 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="/sbin/init" disabled=no dst-port=65534 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Adore Worm/Linux - RC1 Trojan" disabled=no dst-port=65535 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Cafeini" disabled=no dst-port=51966 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Acid baterry 2000" disabled=no dst-port=52317 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Enterprise" disabled=no dst-port=50130 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Online Keylogger" disabled=no dst-port=49301 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Exploiter" disabled=no dst-port=44575 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Prosiak" disabled=no dst-port=44444 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Remote Boot Tool - RBT" disabled=no dst-port=41666 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Storm" disabled=no dst-port=41337 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Mantis" disabled=no dst-port=37237 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Donald Dick" disabled=no dst-port=34444 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Son of PsychWard" disabled=no dst-port=33577 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Son of PsychWard" disabled=no dst-port=33777 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Peanut Brittle, Project Next" disabled=no dst-port=32100 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Donald Dick" disabled=no dst-port=32001 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Hack'a'Tack" disabled=no dst-port=31785 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Intruse" disabled=no dst-port=30947 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Lamers Death" disabled=no dst-port=30003 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Infector - ErrOr32" disabled=no dst-port=30000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Infector - ErrOr32" disabled=no dst-port=30001 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="ovasOn" disabled=no dst-port=29369 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="NetTrojan" disabled=no dst-port=29104 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Exploiter" disabled=no dst-port=28678 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Bad Blood - Ramen - Seeker - SubSeven - SubSeven 2.1 Gold - Subseven 2.14 DefCon8 - SubSeven Muie - Ttfloader" disabled=no dst-port=27374 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="VoiceSpy" disabled=no dst-port=26681 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Moonpie" disabled=no dst-port=25982 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Moonpie" disabled=no dst-port=25685 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Moonpie" disabled=no dst-port=25686 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Infector" disabled=no dst-port=24000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="InetSpy" disabled=no dst-port=23777 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Evil FTP - Ugly FTP - Whack Job" disabled=no dst-port=23456 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Asylum" disabled=no dst-port=23432 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Amanda" disabled=no dst-port=23032 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Logged" disabled=no dst-port=23232 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Girl friend - Kid Error" disabled=no dst-port=21544 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="VP killer" disabled=no dst-port=20023 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Mosucker" disabled=no dst-port=20005 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="ICQ Revenge" disabled=no dst-port=19864 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Nephron" disabled=no dst-port=17777 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Audiodoor" disabled=no dst-port=17593 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Infector" disabled=no dst-port=17569 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="CrazzyNet" disabled=no dst-port=17499 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="CrazzyNet" disabled=no dst-port=17500 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="KidTerror" disabled=no dst-port=17449 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Mosaic" disabled=no dst-port=17166 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Priority" disabled=no dst-port=16969 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="ICQ Revenge" disabled=no dst-port=16772 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="CDK" disabled=no dst-port=15858 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="SubZero" disabled=no dst-port=15382 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Host Control" disabled=no dst-port=15092 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="NetDemon" disabled=no dst-port=15000 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="PC Invader" disabled=no dst-port=14500 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="PC Invader" disabled=no dst-port=14501 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="PC Invader" disabled=no dst-port=14502 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="PC Invader" disabled=no dst-port=14503 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Chupacabra" disabled=no dst-port=13473 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Hack '99 KeyLogger" disabled=no dst-port=13223 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="PsychWard" disabled=no dst-port=13013 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="PsychWard" disabled=no dst-port=13014 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Hacker Brasil - HBR" disabled=no dst-port=13010 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Buttman" disabled=no dst-port=12624 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="BioNet" disabled=no dst-port=12349 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Host Control" disabled=no dst-port=10528 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Syphilis" disabled=no dst-port=10085 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Syphilis" disabled=no dst-port=10086 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Brown Orifice - RemoConChubo - Reverse WWW Tunnel Backdoor - RingZero" disabled=no dst-port=8080 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="DigitalRootbeer" disabled=no dst-port=2600 protocol=tcp
ip firewall filter add action=drop chain=tcp-viruses comment="Doly Trojan" disabled=no dst-port=2345 protocol=tcp
ip firewall filter add action=return chain=tcp-viruses comment="Back to previous menu" disabled=no
ip firewall filter add action=drop chain=udp-viruses comment="Socks Des Troie, Death" disabled=no dst-port=1 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Netbios - DoS attacks msinit" disabled=no dst-port=135-139 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Infector" disabled=no dst-port=146 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="N0kN0k Trojan" disabled=no dst-port=666 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Maverick's Matrix 1.2-2.0 - remote storm" disabled=no dst-port=1025 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="NoBackO" disabled=no dst-port=1200-1201 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="BackOrifice DLL Comm" disabled=no dst-port=1349 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="FunkProxy" disabled=no dst-port=1505 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="ICA Browser" disabled=no dst-port=1604 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="BackDoor.Fearic" disabled=no dst-port=2000 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Mini Backlash" disabled=no dst-port=2130 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Deep Throat" disabled=no dst-port=2140 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="BackDoor.Botex" disabled=no dst-port=2222 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="voicespy" disabled=no dst-port=2339 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Rat" disabled=no dst-port=2989 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Deep Throat - Foreplay - Mini Backflash" disabled=no dst-port=3150 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Backdoor.Fearic" disabled=no dst-port=3456 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Eclypse" disabled=no dst-port=3801 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="WityWorm - BlackICE/ISS" disabled=no dst-port=4000 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Remote Shell Trojan" disabled=no dst-port=5503 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Y3K RAT" disabled=no dst-port=5882 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Y3K RAT" disabled=no dst-port=5888 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Mstream Agent-handler" disabled=no dst-port=6838 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Unknown Trojan" disabled=no dst-port=7028 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Host Control" disabled=no dst-port=7424 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="MStream handler-agent" disabled=no dst-port=7983 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="BackOrifice 2000" disabled=no dst-port=8787 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="BackOrifice 2000" disabled=no dst-port=8879 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="MStream Agent-handler" disabled=no dst-port=9325 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Portal of Doom" disabled=no dst-port=10067 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Portal of Doom" disabled=no dst-port=10167 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Mstream handler-agent" disabled=no dst-port=10498 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Ambush" disabled=no dst-port=10666 protocol=udpfc
ip firewall filter add action=drop chain=udp-viruses comment="DUN Control" disabled=no dst-port=12623 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Shaft handler to Agent" disabled=no dst-port=18753 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Shaft handler to Agent" disabled=no dst-port=20433 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="GirlFriend" disabled=no dst-port=21554 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Donald Dick" disabled=no dst-port=23476 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Delta Source" disabled=no dst-port=26274 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Sub-7 2.1" disabled=no dst-port=27374 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Trin00/TFN2K" disabled=no dst-port=27444 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Sub-7 2.1" disabled=no dst-port=27573 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="NetSphere" disabled=no dst-port=30103 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=31335 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=31336 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=31337 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="More than 3 known worms and trojans use this port" disabled=no dst-port=31338 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Hack`a'Tack" disabled=no dst-port=31787 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Hack`a'Tack" disabled=no dst-port=31788 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Hack`a'Tack" disabled=no dst-port=31789 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Hack`a'Tack" disabled=no dst-port=31790 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Hack`a'Tack" disabled=no dst-port=31791 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Trin00 for windows" disabled=no dst-port=34555 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Trin00 for windows" disabled=no dst-port=35555 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Delta Source" disabled=no dst-port=47262 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="OnLine keyLogger" disabled=no dst-port=49301 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Back Orifice" disabled=no dst-port=543201 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="Back Orifice" disabled=no dst-port=54321 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="NetRaider Trojan" disabled=no dst-port=57341 protocol=udp
ip firewall filter add action=drop chain=udp-viruses comment="The Traitor - th3tr41t0r" disabled=no dst-port=65432 protocol=udp
ip firewall filter add action=return chain=udp-viruses comment="Back to previous menu" disabled=no
ip firewall filter add action=jump chain=forward comment="PREVENT VIRUS COME FROM LOCAL NETWORK" disabled=no in-interface=ether-local jump-target=viruses
ip firewall filter add action=jump chain=forward comment="PREVENT VIRUS COME FROM PUBLIC INTERNET NETWORK" disabled=no in-interface=ether-public jump-target=viruses
ip firewall filter add action=jump chain=input comment="PREVENT VIRUS COME FROM LAN" disabled=no in-interface=ether-local jump-target=viruses
ip firewall filter add action=jump chain=input comment="PREVENT VIRUS COME FROM PUBLIC INTERNET" disabled=no in-interface=ether-public jump-target=viruses
ip firewall filter add action=jump chain=viruses comment="Jump to handle virus from TCP port" disabled=no jump-target=tcp-viruses protocol=tcp
ip firewall filter add action=jump chain=viruses comment="Jump to handle virus from UDP port" disabled=no jump-target=udp-viruses protocol=udp
ip firewall filter add action=return chain=viruses comment="Back to previous rules" disabled=no
ip firewall filter add chain=forward protocol=tcp dst-port=25 src-address-list=suspected-spam-bot action=drop comment="Drop traffic from those on the suspect list"
ip firewall filter add chain=forward protocol=tcp dst-port=25 connection-limit=10,32 action=add-src-to-address-list address-list=suspectedspambot address-list-timeout=2d comment="More than 10 simultaneous connections looks spammy"
copy paste teko endhi cak heru..
ReplyDelete