Chek list

Cambiar Pass Admin

Nombre de Equipo

/system identity

set name=CLIENTE

..

..

Reloj

/system clock

set time-zone-name=America/Argentina/Cordoba

/system ntp client

set enabled=yes primary-ntp=168.96.251.227 secondary-ntp=200.189.40.8

..

..

Activar Cloud

/ip cloud

set ddns-enabled=yes

..

Graficar interface

/tool graphing interface

add

/tool graphing resource

add

..

..

..

Bajar servicios 22 -21 etc

/ip service

set telnet disabled=yes

set ftp disabled=yes

set ssh disabled=yes

set api disabled=yes

set api-ssl disabled=yes

..

..

..


Backup Email

1º Definir correo - 2º Definir script - 3 º Definir periodicidad

Backup Logs

/log print file=log.txt:log info message="enviando log por email":global data [/system clock get date]:global hora [/system clock get time]/tool e-mail send to="marcos.charaf@charaf.com.ar" subject="log-CLIENTE $data $hora" file=log.txt body="log $data $hora"
/log print file=log.txt:log info message="enviando log por email":global data [/system clock get date]:global hora [/system clock get time]/tool e-mail send to="soporte@charaf.com.ar" subject="log-CLIENTE $data $hora" file=log.txt body="log $data $hora"
/system scheduleradd interval=7d name=Backup_log on-event=Backup_log policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \ start-date=jan/01/2020 start-time=00:00:00

Wan Alert - Tools -Netwatch -

tool e-mail send to=marcos.charaf@charaf.com.ar subject="Up-Cliente"

..

..

..


Control de log


/system logging action

add email-start-tls=yes email-to=marcos.charaf@charaf.com.ar name=Correo \

target=email

..

..

..

Envio de logs

/system logging

add action=Correo prefix=CLIENTE topics=error

add action=Correo prefix=CLIENTE topics=system

add action=Correo prefix=CLIENTE topics=firewall

add action=Correo prefix=CLIENTE topics=warning

..

..


/interface ethernet

set [ find default-name=ether1 ] loop-protect=on

set [ find default-name=ether2 ] loop-protect=on

set [ find default-name=ether3 ] loop-protect=on

set [ find default-name=ether4 ] loop-protect=on

set [ find default-name=ether5 ] loop-protect=on


..

..

..


DHCP Alert

:local CurrentTime [/system clock get time];

:local hostname [/system identity get name]

:global date [/system clock get date]

:local int "$interface"

:local addr "$address"

:local mac $"mac-address"

:local dh

/tool e-mail send to=marcos.charaf@charaf.com.ar subject=DHCP-Detected body=("Se detecto DHCCLIENTE molestando en $hostname at $date - time $CurrentTime - Interface= $int - IP Address=$addr - MAC-Address= $mac !! No puedes matarlo pero si denunciarlo!")

:local CurrentTime [/system clock get time];

:local hostname [/system identity get name]

:global date [/system clock get date]

:local int "$interface"

:local addr "$address"

:local mac $"mac-address"

:local dh

/tool e-mail send to=soporte@charaf.com.ar subject=DHCP-Detected body=("Se detecto DHCPCLIENTE molestando en $hostname at $date - time $CurrentTime - Interface= $int - IP Address=$addr - MAC-Address= $mac !! No puedes matarlo pero si denunciarlo!")


Bloquear IP


ip firewall address-list

add list=blacklist address=xx.xx.xx.xx