kebetulan setting apache tidak diaktifkan proxy , ditempat saya menggunakan squidarg buat chek download ama upload setiap user , ( squid 2.5 stable 4 + mysql_auth ( utk auth user proxy)).dan setiap log saya cek ko ada ip luar yg coba akses port 25
nah kira kira settingan mana lagi yg mesti saya cek. terima kasih > On 6/15/2004, "Rio Martin" <[EMAIL PROTECTED]> wrote: >>MRTG nya yang tinggi itu bagian Incoming Traffic atau Outgoing Traffic, > atau >>bahkan dua - dua nya. Coba cek log APACHE, apakah ada yang coba - coba > METHOD >>CONNECT port 25 terus - terusan ? kalau ada disitulah masalahnya yang > habisin >>bandwidth cukup banyak. >> >>Sekalian minta saran dari rekan2, gimana cara APACHE memblokir serangan > METHOD >>CONNECT yang ndak jelas tersebut. > > mungkin ini bisa membantu > > http://www.apacheweek.com/issues/03-07-25 > Spammers use open Apache proxies > > Over the last few weeks we've been receiving a number of reports where > people > running Apache servers have found that their servers have been used to > send > out Spam email messages. > > It appears that the Spammers are using an automated tool to find open > Apache > proxies. If the tool finds an open proxy on your machine it sends a POST > request through the proxy to the local SMTP port (25), passing on the spam > messages it wishes to send. Since most people will have set up their mail > transfer agent to allow relaying of mail sent from the local host, the > messages get sent out from your machine. > > Some of the reporters believe that this is a vulnerability of the Apache > web > server by allowing proxy connections to arbitrary ports. However the > majoriry > of sites that run open Apache proxies are doing so because of a > misconfiguration rather than by design. Open proxies allow attackers > wanting > to target vulnerabilities at other sites (such as Cross site scripting > attacks, SQL injection attacks and so on) to hide or complicate their real > origin. > > If you are running the Apache web server we'd recommend that you take a > look > at your configuration files and make sure that you have not inadvertently > set > up an open proxy. > > If you do not need to act as a proxy server at all then make sure that the > directive "ProxyRequests On" does not appear in your configuration file. > Note > that you do not need to use the ProxyRequests directive if you only want > to > use Apache as a reverse proxy. > > However ifyou do need to act as a proxy server, make sure that you only > allow > authorised hosts to connect. For example using the following configuration > sample: > > <Directory proxy:*> > Order deny,allow > Deny from all > Allow from fred.example.com > </Directory> > > -- > Unsubscribe: kirim email kosong ke [EMAIL PROTECTED] > Arsip dan info di http://linux.or.id/milis.php > FAQ milis http://linux.or.id/faq.php > > -- Unsubscribe: kirim email kosong ke [EMAIL PROTECTED] Arsip dan info di http://linux.or.id/milis.php FAQ milis http://linux.or.id/faq.php
