Chek list
Cambiar Pass Admin
Nombre de Equipo
/system identity
set name=CLIENTE
..
..
Reloj
/system clock
set time-zone-name=America/Argentina/Cordoba
/system ntp client
set enabled=yes primary-ntp=168.96.251.227 secondary-ntp=200.189.40.8
..
..
Activar Cloud
/ip cloud
set ddns-enabled=yes
..
Graficar interface
/tool graphing interface
add
/tool graphing resource
add
..
..
..
Bajar servicios 22 -21 etc
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
..
..
..
Backup Email
1º Definir correo - 2º Definir script - 3 º Definir periodicidad
Backup Logs
/log print file=log.txt:log info message="enviando log por email":global data [/system clock get date]:global hora [/system clock get time]/tool e-mail send to="marcos.charaf@charaf.com.ar" subject="log-CLIENTE $data $hora" file=log.txt body="log $data $hora"/log print file=log.txt:log info message="enviando log por email":global data [/system clock get date]:global hora [/system clock get time]/tool e-mail send to="soporte@charaf.com.ar" subject="log-CLIENTE $data $hora" file=log.txt body="log $data $hora"
/system scheduleradd interval=7d name=Backup_log on-event=Backup_log policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \ start-date=jan/01/2020 start-time=00:00:00
Wan Alert - Tools -Netwatch -
tool e-mail send to=marcos.charaf@charaf.com.ar subject="Up-Cliente"
..
..
..
Control de log
/system logging action
add email-start-tls=yes email-to=marcos.charaf@charaf.com.ar name=Correo \
target=email
..
..
..
Envio de logs
/system logging
add action=Correo prefix=CLIENTE topics=error
add action=Correo prefix=CLIENTE topics=system
add action=Correo prefix=CLIENTE topics=firewall
add action=Correo prefix=CLIENTE topics=warning
..
..
/interface ethernet
set [ find default-name=ether1 ] loop-protect=on
set [ find default-name=ether2 ] loop-protect=on
set [ find default-name=ether3 ] loop-protect=on
set [ find default-name=ether4 ] loop-protect=on
set [ find default-name=ether5 ] loop-protect=on
..
..
..
DHCP Alert
:local CurrentTime [/system clock get time];
:local hostname [/system identity get name]
:global date [/system clock get date]
:local int "$interface"
:local addr "$address"
:local mac $"mac-address"
:local dh
/tool e-mail send to=marcos.charaf@charaf.com.ar subject=DHCP-Detected body=("Se detecto DHCCLIENTE molestando en $hostname at $date - time $CurrentTime - Interface= $int - IP Address=$addr - MAC-Address= $mac !! No puedes matarlo pero si denunciarlo!")
:local CurrentTime [/system clock get time];
:local hostname [/system identity get name]
:global date [/system clock get date]
:local int "$interface"
:local addr "$address"
:local mac $"mac-address"
:local dh
/tool e-mail send to=soporte@charaf.com.ar subject=DHCP-Detected body=("Se detecto DHCPCLIENTE molestando en $hostname at $date - time $CurrentTime - Interface= $int - IP Address=$addr - MAC-Address= $mac !! No puedes matarlo pero si denunciarlo!")
Bloquear IP
ip firewall address-list
add list=blacklist address=xx.xx.xx.xx