Malware Patrol offers three threat data feeds formatted for MikroTik devices. Each feed protects against malware and ransomware infections as well as sites running cryptomining scripts.
In addition to preventing access to malicious sites, the feeds also block communication with command-and-control servers (C2s) for over a hundred malware and ransomware families. This stops movement through the kill chain cycle to prevent secondary payload installation, data exfiltration, and ransomware file encryption.
1. Malicious Domains – Domains known to be hosting cryptominers, C2s, DGAs, malware & ransomware, and phish.
2. DNS-over-HTTPS (DoH) Servers – Domains for active DNS-over-HTTPS (DoH) servers/resolvers.
3. Tor Exit Nodes – IP addresses of the final nodes through which Tor traffic is routed before reaching the Internet.
Mikrotik Router Configuration Guide
Click here to access our detailed MikroTik configuration guide. It provides step-by-step instructions for configuring your MikroTik router to filter malicious domains. This will protect your network and users from accessing phishing and cryptomining sites as well as malware and ransomware infections.
Check out the video below to learn more about Malware Patrol and how we help businesses to improve their security.
“MikroTik develops and sells wired and wireless network routers, network switches, access points, as well as operating systems and auxiliary software. Their RouterOS has a very powerful firewall implementation with features including:
- stateful packet inspection
- peer-to-peer protocols filtering
- traffic classification by:
- source MAC address
- IP addresses (network or list) and address types (broadcast, local, multicast, unicast)
- port or port range
- IP protocols
- protocol options (ICMP type and code fields, TCP flags, IP options, and MSS)
- interface the packet arrived from or left through
- internal flow and connection marks
- DSCP byte
- packet content
- rate at which packets arrive and sequence numbers
- packet size
- packet arrival time”