Showing posts with label firewall. Show all posts

Simple iptables : drop invalid connection

Drop invalid connections, which are usually scanner activity.

/* OK, straight to it */
iptables -N BDFLGS
iptables -A BDFLGS -j DROP

Simple iptables

[69@localhost ane]# iptables -V
iptables v1.4.5

By the way, the latest version is 1.4.9.1.
OK, let's get straight to it.

Anonymous and clean from internet junk

Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and tastes. It has application for both stand-alone systems and multi-user networks.

Privoxy is frequently used in combination with Tor and Squid and can be used to bypass Internet censorship.

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.
Individuals use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers. Tor's hidden services let users publish web sites and other services without needing to reveal the location of the site. Individuals also use Tor for socially sensitive communication: chat rooms and web forums for rape and abuse survivors, or people with illnesses.

Crontab auto reboot

Auto reboot

/system script add name="mbalik" policy="ftp,reboot,read,write,policy,test,winbox,password,sniff" source="/system reboot"

/system scheduler add name="munyer" start-date="jan/09/2010" start-time="04:00:00" interval="06:00:00" on-event="mbalik"

The start time is 04:00. It reboots 4 times a day (24 hours / 6-hour interval).

Intermediate Queueing Device (IMQ)

By default you have two imq devices (imq0 and imq1). These are dummy interfaces; you can do nothing with them but attach qdiscs. Only egress qdiscs can be used; the current ingress qdisc is just another netfilter hook. Since packets never get directed to an imq device by the network stack itself, no netfilter hooks will ever be called. You can use imq for ingress traffic control, but only using egress qdiscs (which makes more sense anyway, since the current ingress qdisc is very limited).

First you have to attach a qdisc to the imq device. The imq device can be treated like any other network device. The fw classifier can be used for filters. The packet length seen by the qdisc includes link layer headers of the device the packet has entered/will be leaving through so you can work with link speed when limiting traffic.

After attaching a qdisc to the device you have to specify which packets should go through the imq device. An iptables target (`IMQ') is provided for using all the packet-selecting power of iptables.

As soon as the interface reaches the IFF_UP state, selected packets are enqueued to the imq device. A dequeue is attempted immediately, and the dequeued packet (possibly reordered) is reinjected into the network stack (software pump).

If you are using IMQ as modules you can: modprobe imq and then modprobe ipt_IMQ. To choose the number of IMQ devices you should: modprobe imq numdevs=X.

http://www.linuximq.net
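
The three steps described above (attach a qdisc, select packets with the IMQ target, bring the device up), written out as an added example that is not part of the original post. The interface name eth0, the HTB rates, the fwmark value and the DRY_RUN switch are assumptions chosen for illustration; by default the script only prints the commands.

```shell
#!/bin/sh
# Added example: ingress shaping through imq0.
# Assumed values (not from the original post): eth0, rates, fwmark 1.
WAN_IF="${WAN_IF:-eth0}"     # assumed interface the traffic arrives on
IMQ_DEV="${IMQ_DEV:-imq0}"   # first of the two default imq devices
IMQ_NUM="${IMQ_NUM:-0}"      # device index passed to the IMQ target
DRY_RUN="${DRY_RUN:-1}"      # 1 = print commands; 0 = run (root, IMQ-patched kernel)

run() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

imq_setup() {
    # Only needed when IMQ is built as modules.
    run modprobe imq numdevs=2
    run modprobe ipt_IMQ

    # Step 1: attach an egress qdisc (HTB here) to the imq device.
    run tc qdisc add dev "$IMQ_DEV" root handle 1: htb default 20
    run tc class add dev "$IMQ_DEV" parent 1: classid 1:1 htb rate 2mbit
    run tc class add dev "$IMQ_DEV" parent 1:1 classid 1:10 htb rate 1mbit ceil 2mbit
    run tc class add dev "$IMQ_DEV" parent 1:1 classid 1:20 htb rate 1mbit ceil 2mbit
    # fw classifier: packets carrying fwmark 1 are placed in class 1:10.
    run tc filter add dev "$IMQ_DEV" parent 1: protocol ip prio 1 handle 1 fw flowid 1:10

    # Step 2: choose the packets with iptables. Mark inbound HTTP replies,
    # then hand everything arriving on the WAN interface to the imq device.
    run iptables -t mangle -A PREROUTING -i "$WAN_IF" -p tcp --sport 80 -j MARK --set-mark 1
    run iptables -t mangle -A PREROUTING -i "$WAN_IF" -j IMQ --todev "$IMQ_NUM"

    # Step 3: nothing is enqueued until the device is up.
    run ip link set "$IMQ_DEV" up
}

imq_setup
```

Run it with DRY_RUN=0 as root to apply the rules; unmarked traffic falls into the default class 1:20.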

Bad ip address range (spam)

Bogus network filter:
0.0.0.0/7
2.0.0.0/8
5.0.0.0/8
23.0.0.0/8
27.0.0.0/8
31.0.0.0/8
70.0.0.0/7
72.0.0.0/5
83.0.0.0/8

Ethernet Card

Manual
[root@box]# ethtool -s eth0 speed 10 duplex full autoneg off
[root@box]# ethtool --change eth0 speed 10 duplex full autoneg off

Network monitoring tools

Antisniff:
The Anti-Sniffer runs on a local ethernet segment and reports
whether machines are in promiscuous mode or not. It does this
through a variety of tests designed to tickle certain drivers,
operating systems, and hardware filtering.

Popular game online (tcp & udp port)

For bandwidth management purposes.

Ayo Dance : tcp 18901-18909
SealOnline : tcp 1818
PointBlank : tcp 39190, udp 40000-40010