IT-Expert on Call

(613) 828-6611

Experience has no substitute
Inexperience carries significant cost and risk

Close Window

MOAB Prerequisite's


Provide us your MikroTik Router's model and serial number and the admin user name [owner] you use to access the Router. If the owner=admin PLEASE change that to some other name because using admin is a secuity issue that you should avoid.

Regardless of which MikroTik Router model - to qualify - for MOAB that router must have a USB storage device containing a minimum of 4GB of memory available and must be named disk2 attached.

MOAB files storage requirement for well provisioned MikroTik Routers is 2MB
MOAB files storage requirement for memory constrained MikroTik Routers is 900KB

Tell us how much storage you have free on the Flash memory and are you using a USB memory stick.
-- if you have a USB memory stick installed what is it's name [i.e. disk2] and how much free memory is available? Please note that if you want to use your existing USB memory stick you must name it as disk2

Which port is your WAN connection tied too [i.e. ether1]? If you have more than one WAN connection and want both connections covered by MOAB what is the interface-list name you created for the WAN ports?

Example of what information we expect to receive from you:

  1. Your Name: Sam Stone
  2. MikroTik Router's model: RouterBOARD D52G-5HacD2HnD-TC
  3. Serial Number: 4EF8DA6679A5
  4. Admin Name: owner=riverdale
  5. Flash memory: 16MB/4MB free
  6. USB memory stick: disk2 8GB/5GB free
  7. If single WAN port: ether1
    If Multi-WAN interface-list name: wanZ

Once we have your information, and within 24 hours, we will provide you, via e-mail, with your files. The account info we provide you is specific to your MikroTik Router and it's serial number and is embedded in the relevant scripts that you can paste into your MikroTik Terminal in one shebang or you can modify the scripts to suit your specific configuration needs. To Kick Start the process we will also provide you with 2 rsc files and 2 control files specific to your router model that you will need to place in disk2 after which you will also need to import those rsc files.

If you would prefer to have us install MOAB for you on your MikroTik Router via remote control session let us know and we would be happy to do that for you at an additional cost of US $40.00

For Your Information

We track [and log] each account [Router's serial number] to it's IP address - your embedded account details may not be used on any other MikroTik Router or be shared with anyone else - any abuse of privilege of whatsoever nature will cancel your account without further notice and no refund will be issued.

If your USB drive is named disk1 you will need to rename it to disk2. Following is script to rename disk1:
/disk set 0 name=disk2
This script assumes that the USB device # 0 is correct. To find the correct device # for the USB in Terminal issue the following: /disk print

MOAB has two tracks, one for memory constrained MikroTik Routers and the other for all other MikroTik models. Once we know which MikroTik Router model you have we will decide if your model qualifies and which track to put you on. Both tracks cover over 600 million IP addresses of known perpetrators.

For well provisioned MikroTik Routers the maximum download size is 1.8MB or less - 3 times daily and consists of 4 files [2 rsc files and 2 txt control files]; you can change the schedule to suit your situation.

For memory constrained MikroTik Router models that qualify - maximum download size is 800KB or less - 3 times daily and consists of 4 files [2 rsc files and 2 txt control file]; you can change the schedule to suit your situation.

For well provisioned MikroTik Routers - MOAB1 actual script file name is fileiptik.rsc
and usually is 1.8MB or less in size.

For memory constrained MikroTik Routers - MOAB1 actual script file name is mtiptik.rsc
and is usually 500KB in size.

For all MikroTik Routers - MOAB2 actual script file name is wsiptik.rsc and is usually 250KB or less in size.

Other files that are downloaded are control files that determine if an update is required.
For well provisioned MikroTik Routers the control files are named fileipdiff.txt and wsipdiff.txt.
For memory constrained MikroTik Router the control files are named mtipdiff.txt and wsipdiff.txt.
After each successful import and/or update check directive - all these control files and RSC files are automatically removed from your storage.

Once you complete the Kick Start Process, described above, and install the scripts you should be aware of the following script execution sequence controlled by the scheduler:

For memory constrained MikroTik Routers
- thediffevent is the first script to execute followed by
- mtiptik is the second script to execute followed by
- wsiptik is the third script to execute
For well provisioned MikroTik Routers
- thediffevent is the first script to execute followed by
- fileiptik is the second script to execute followed by
- wsiptik is the third script to execute

MOAB is updated 3 times each day @ 00:00:01 hours @ 08:00:00 hours @ 16:00:00 hours
using Ottawa ON Canada GMT -4 when Daylight Savings Time is in effect and
using Ottawa ON Canada GMT -5 when Eastern Standard Time is in effect.
You should adjust the scheduled TIME intervals on your MikroTik Router to coincide with MOAB's GMT attribute so that it reflects your geographic location - make sure that the ordering sequence of execution does not change and that there is at least a 5 minute interval between each script launching. The Greenwich Mean Time Converter can help you to determine the correct GMT time interval to use for your location.

Following is an example assuming your location is London England using GMT +1
The math here is going from Ottawa GMT-4 to London GMT+1 provides a difference of 5 hours and we suggest adding a 10 minute interval to that so that now adds up to +5:10
The scheduled scripts that we provide you are configured with the following defaults:
thediffevent Start-Time 00:02:00 THEN you would set your Start-Time to 05:12:00
mtiptik Start-Time 00:05:00 THEN you would set your Start-Time to 05:15:00
wstik Start-Time 00:10:00 THEN you would set your Start-Time to 05:20:00

Our MOAB scripts do not create Firewall rules needed to effect the blacklist - You must do that - 2 rules are needed like the following:

/ip firewall filter add action=drop chain=input comment="INPUT DROP FireHOL Blacklist" in-interface=ether1 log-prefix="Drop Blacklist" src-address-list=blacklist

/ip firewall filter add action=drop chain=input comment="INPUT DROP Rogue Webservs" in-interface=ether1 log-prefix="rogue webservers" src-address-list=bkserver

Placement and order of the Firewall rules is vitally important - improper placement will have undesirable consequences where services and sites you expect to work will no longer function.
The 2 Firewall Rules for MOAB are placed in IP Firewall Filter Rules as shown below.

blacklist

MOAB subscription Service Payment US $60.00 per Year

« PayPal »  when you're ready to subscribe

 

Close Window


IT-Expert on Call Professionals are ready willing and able to expertly deploy it for you

IT-Expert on Call does not maintain a staffed storefront office
All access to our resources is by appointment only made either by
Phone (613) 828-6611 or (613) 762-8018 or  » e-mail us « 

Based in Nepean, Ontario, Canada servicing the Regional Municipality of Ottawa-Carleton plus we offer remote services within Canada and the Continental U.S.A where broadband internet service is available.

Updated Sunday 7 October, 2018 7:18 AM
Webmaster: David Mozer