Juniper IDP via NMS

IDP 8200 using NMS (Network and Security Manager) software

Directly domain block by above method.. must add those to any policy like IIG-Policy,VC, URL Block and also update device(idp8200)


*** Filter by Custom attack...  and must add those to any policy like IIG-Policy,VC, URL Block and also update device(idp8200)

 IDP Object: +
name: BTRC-www.xyz.com
Description: www.xyz.com/collections/4212847/BDR-Mutiny
Severity: major
Category: HTTP
Keywords: collections 4212847 BDR-Mutiny

 Attach Versions: +
    tik mark:
idp-5.1.0
idp-5.1.110120907
idp-5.1.110121210
type: Compund Attack -> Next

 Protocol Type: Service
Service: http (predefined) -> Next

 Scope: Transaction
 Boolean Expression: m01 AND m02
 +
 signature
Member Name: m01
pattern: \[(.*\.)?xyz\.com\]

Context: HTTP : HTTP Header Host (predefined)
Direction: Client to Server
ok
 +
  Member Name: m02
pattern: \[/collections/4212847/BDR-Mutiny\]

Context: HTTP : HTTP URL Parsed (predefined)
Direction: Client to Server

Finish

MikroTik Schedule reboot Script

/system scheduler
add comment="Reboot every 1 hours" disabled=no interval=1h name=Reboot1hour on-event=\
    "/system reboot" policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive \
    start-date=jul/23/2016 start-time=08:00:00