Re: [tanya-jawab] mrtg tinggi tnp ada yg pake

sonjaya Tue, 15 Jun 2004 04:05:42 -0700

> MRTG nya yang tinggi itu bagian Incoming Traffic atau Outgoing Traffic,
> atau
> bahkan dua - dua nya. Coba cek log APACHE, apakah ada yang coba - coba
> METHOD
> CONNECT port 25 terus - terusan ? kalau ada disitulah masalahnya yang
> habisin
> bandwidth cukup banyak.
>
> Sekalian minta saran dari rekan2, gimana cara APACHE memblokir serangan
> METHOD
> CONNECT yang ndak jelas tersebut.
>



hmm incoming yg masuk , sekitar 40 kbps padahal koneksi semua di tutup
hanya respon dari luar  yg engga di blok , trus koneksi ke port 25 di
tutup pake iptables juga ini sample log yg coba akses squid

USERS - SITES REPORT, SORT - BYTES, REVERSED Num User ID Bytes %Bytes
Local Bytes Out Bytes Sites date & time
18 130.239.18.160 5.704 0.001 5.704 2.868 2 date - time
19 61.146.41.22 5.672 0.001 5.672   4 date - time
20 194.68.45.50 5.664 0.001 5.664   1 date - time
21 204.152.186.58 4.250 0.000 4.250   2 date - time
22 24.87.228.124 2.952 0.000 2.952   1 date - time
23 172.18.2.173 2.876 0.000 2.876   2 date - time
24 61.163.245.216 2.840 0.000 2.840   2 date - time
25 218.66.85.98 2.840 0.000 2.840   2 date - time
26 219.128.255.108 2.836 0.000 2.836   2 date - time
27 61.51.208.41 2.836 0.000 2.836   2 date - time
28 210.51.191.227 2.836 0.000 2.836   2 date - time
29 218.59.17.126 2.836 0.000 2.836   2 date - time
30 61.233.89.68 2.836 0.000 2.836   2 date - time
31 218.9.226.82 2.836 0.000 2.836   2 date - time
32 218.62.92.151 2.836 0.000 2.836   2 date - time
33 210.51.191.34 2.834 0.000 2.834   2 date - time
34 218.32.231.143 2.834 0.000 2.834   2 date - time
35 64.251.27.2 2.832 0.000 2.832   1 date - time
36 217.107.218.126 1.492 0.000 1.492   1 date - time
37 219.148.146.84 1.481 0.000 1.481   1 date - time
38 24.211.134.255 1.476 0.000 1.476   1 date - time
39 218.244.46.14 1.452 0.000 1.452   1 date - time
40 202.144.118.54 1.428 0.000 1.428   1 date - time
41 81.52.247.21 1.424 0.000 1.424   1 date - time
42 213.206.87.250 1.422 0.000 1.422   1 date - time
43 24.232.70.155 1.416 0.000 1.416   1 date - time
44 218.1.127.68 1.414 0.000 1.414   1 date - time

detail

USER: (up to 10 top) SITES, SORT - BYTES, REVERSED Num Bytes %Bytes Local
Bytes Out Bytes 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 Site
1 2.868 50.281 2.868 2.868             http://130.239.18.160:802/
2 2.836 49.719 2.836                       130.239.18.160:802



USER: (up to 10 top) SITES, SORT - BYTES, REVERSED Num Bytes %Bytes Local
Bytes Out Bytes 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 Site
1 1.424 25.106 1.424          http://www.yahoo.com/
2 1.422 25.071 1.422          http://www.ebay.com/
3 1.414 24.929 1.414            66.135.192.88:80
4 1.412 24.894 1.412            66.94.230.45:80

Num Bytes %Bytes Local Bytes Out Bytes 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7
8 9 0 1 2 3 Site
1 1.422 50.141 1.422              http://www.ebay.com/
2 1.414 49.859 1.414              65.54.190.230:25

dan banyak lagi ....

trus kira kira ngebloknya gimana yach kebetulan machine linux di pake
proxy juga .

thx yach


















--
Unsubscribe: kirim email kosong ke [EMAIL PROTECTED]
Arsip dan info di http://linux.or.id/milis.php
FAQ milis http://linux.or.id/faq.php

Re: [tanya-jawab] mrtg tinggi tnp ada yg pake

Kirim email ke