> MRTG nya yang tinggi itu bagian Incoming Traffic atau Outgoing Traffic, > atau > bahkan dua - dua nya. Coba cek log APACHE, apakah ada yang coba - coba > METHOD > CONNECT port 25 terus - terusan ? kalau ada disitulah masalahnya yang > habisin > bandwidth cukup banyak. > > Sekalian minta saran dari rekan2, gimana cara APACHE memblokir serangan > METHOD > CONNECT yang ndak jelas tersebut. >
hmm incoming yg masuk , sekitar 40 kbps padahal koneksi semua di tutup hanya respon dari luar yg engga di blok , trus koneksi ke port 25 di tutup pake iptables juga ini sample log yg coba akses squid USERS - SITES REPORT, SORT - BYTES, REVERSED Num User ID Bytes %Bytes Local Bytes Out Bytes Sites date & time 18 130.239.18.160 5.704 0.001 5.704 2.868 2 date - time 19 61.146.41.22 5.672 0.001 5.672 4 date - time 20 194.68.45.50 5.664 0.001 5.664 1 date - time 21 204.152.186.58 4.250 0.000 4.250 2 date - time 22 24.87.228.124 2.952 0.000 2.952 1 date - time 23 172.18.2.173 2.876 0.000 2.876 2 date - time 24 61.163.245.216 2.840 0.000 2.840 2 date - time 25 218.66.85.98 2.840 0.000 2.840 2 date - time 26 219.128.255.108 2.836 0.000 2.836 2 date - time 27 61.51.208.41 2.836 0.000 2.836 2 date - time 28 210.51.191.227 2.836 0.000 2.836 2 date - time 29 218.59.17.126 2.836 0.000 2.836 2 date - time 30 61.233.89.68 2.836 0.000 2.836 2 date - time 31 218.9.226.82 2.836 0.000 2.836 2 date - time 32 218.62.92.151 2.836 0.000 2.836 2 date - time 33 210.51.191.34 2.834 0.000 2.834 2 date - time 34 218.32.231.143 2.834 0.000 2.834 2 date - time 35 64.251.27.2 2.832 0.000 2.832 1 date - time 36 217.107.218.126 1.492 0.000 1.492 1 date - time 37 219.148.146.84 1.481 0.000 1.481 1 date - time 38 24.211.134.255 1.476 0.000 1.476 1 date - time 39 218.244.46.14 1.452 0.000 1.452 1 date - time 40 202.144.118.54 1.428 0.000 1.428 1 date - time 41 81.52.247.21 1.424 0.000 1.424 1 date - time 42 213.206.87.250 1.422 0.000 1.422 1 date - time 43 24.232.70.155 1.416 0.000 1.416 1 date - time 44 218.1.127.68 1.414 0.000 1.414 1 date - time detail USER: (up to 10 top) SITES, SORT - BYTES, REVERSED Num Bytes %Bytes Local Bytes Out Bytes 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 Site 1 2.868 50.281 2.868 2.868 http://130.239.18.160:802/ 2 2.836 49.719 2.836 130.239.18.160:802 USER: (up to 10 top) SITES, SORT - BYTES, REVERSED Num Bytes %Bytes Local Bytes Out Bytes 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 Site 1 1.424 25.106 1.424 http://www.yahoo.com/ 2 1.422 25.071 1.422 http://www.ebay.com/ 3 1.414 24.929 1.414 66.135.192.88:80 4 1.412 24.894 1.412 66.94.230.45:80 Num Bytes %Bytes Local Bytes Out Bytes 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 Site 1 1.422 50.141 1.422 http://www.ebay.com/ 2 1.414 49.859 1.414 65.54.190.230:25 dan banyak lagi .... trus kira kira ngebloknya gimana yach kebetulan machine linux di pake proxy juga . thx yach -- Unsubscribe: kirim email kosong ke [EMAIL PROTECTED] Arsip dan info di http://linux.or.id/milis.php FAQ milis http://linux.or.id/faq.php