Malware Patrol for Mikrotik Routers



Malware Patrol offers two threat data feeds formatted for MikroTik devices. Each feed protects against malware and ransomware infections as well as sites running cryptomining scripts.

In addition to preventing access to malicious sites, the feeds also block communication with command-and-control servers (C2s) for over a hundred malware and ransomware families. This alone can prevent data breaches and ransomware.

The available feeds are:

1. Malicious Domains – Domains known to be hosting cryptominers, C2s, malware & ransomware, and phish.

2. TOR Exit Nodes – IP addresses of the final nodes through which Tor traffic is routed in their network before reaching the Internet.

Mikrotik Router Configuration Guide

Click here to access our detailed MikroTik configuration guide. It provides step-by-step instructions for configuring your Mikrotik device to filter malicious domains. This will, in turn, protect your network, computers, and users from getting infected by malware and ransomware.

Free Evaluation Request

Mikrotik - Eval Request


MikroTik develops and sells wired and wireless network routers, network switches, access points, as well as operating systems and auxiliary software. Their RouterOS has a very powerful firewall implementation with features including:

  • stateful packet inspection
  • peer-to-peer protocols filtering
  • traffic classification by:
    • source MAC address
    • IP addresses (network or list) and address types (broadcast, local, multicast, unicast)
    • port or port range
    • IP protocols
    • protocol options (ICMP type and code fields, TCP flags, IP options, and MSS)
    • interface the packet arrived from or left through
    • internal flow and connection marks
    • DSCP byte
    • packet content
    • rate at which packets arrive and sequence numbers
    • packet size
    • packet arrival time”