Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 1 of 2 12 LastLast
Results 1 to 15 of 16
  1. #1
    Status
    Offline
    locantop's Avatar
    Member
    Join Date
    Jul 2007
    Posts
    268
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    ASK blok koneksi clien

    kalau di torch misal ip clien 192.168.88.57 lagi ada aktivitas ke ip 91.206.227.131

    gimana caranya ya supaya si clien ga bisa konek ke ip 91.206.227.131

    soal nya tuh clien complain lelet banget inet nya, pas di cek untuk upload nya full ke ip 91.206.227.131 padahal si clien ga upload apa2, takut nya jangan2 spyware atau virus makanya mau blok aja dulu supaya komp si clien ga bisa konek ke ip 91.206.227.131

    tq

  2. #2
    Status
    Offline
    ripmanis's Avatar
    VIP Member
    Join Date
    Dec 2008
    Location
    Balikpapan as Balikpapaners
    Posts
    774
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by locantop Click here to enlarge
    kalau di torch misal ip clien 192.168.88.57 lagi ada aktivitas ke ip 91.206.227.131

    gimana caranya ya supaya si clien ga bisa konek ke ip 91.206.227.131

    soal nya tuh clien complain lelet banget inet nya, pas di cek untuk upload nya full ke ip 91.206.227.131 padahal si clien ga upload apa2, takut nya jangan2 spyware atau virus makanya mau blok aja dulu supaya komp si clien ga bisa konek ke ip 91.206.227.131

    tq
    cuman ngeblok ke ip itu ya !? masukin aja ke address-list, tandain sebagai apa kek, misalnya sebagai "Unknown target" kek.. gimanaaa..

    /ip fi address-list
    add list="Unknown target" address=91.206.227.131

    kemudian, masupin ke filter
    /ip fi fi
    ad chain=forward in-interface=lan dst-address-list="Unknown target" action=drop.

    tapi kamu gak ngasih info protocol dan port berapa yang digunakan ip tersebut, sehingga bisa didefinisikan lebih spesifik, apakah itu ip dari aktifitas P2P ? atau spyware ? atau malware ? atau apaware !?

    jika ditelusuri lebih lanjut, netname ip tersebut tangram-ua dengan kelompok ip 91.206.226.0 - 91.206.227.255. jadi, untuk sekedar contoh, masukin aja semua blok ip tersebut, hajar aja..

    /ip fi address-list
    add list="Unknown target" address=91.206.226.0-91.206.227.255

  3. The Following User Says Thank You to ripmanis For This Useful Post:


  4. #3
    Status
    Offline
    locantop's Avatar
    Member
    Join Date
    Jul 2007
    Posts
    268
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by ripmanis Click here to enlarge
    cuman ngeblok ke ip itu ya !? masukin aja ke address-list, tandain sebagai apa kek, misalnya sebagai "Unknown target" kek.. gimanaaa..

    /ip fi address-list
    add list="Unknown target" address=91.206.227.131

    kemudian, masupin ke filter
    /ip fi fi
    ad chain=forward in-interface=lan dst-address-list="Unknown target" action=drop.

    tapi kamu gak ngasih info protocol dan port berapa yang digunakan ip tersebut, sehingga bisa didefinisikan lebih spesifik, apakah itu ip dari aktifitas P2P ? atau spyware ? atau malware ? atau apaware !?

    jika ditelusuri lebih lanjut, netname ip tersebut tangram-ua dengan kelompok ip 91.206.226.0 - 91.206.227.255. jadi, untuk sekedar contoh, masukin aja semua blok ip tersebut, hajar aja..

    /ip fi address-list
    add list="Unknown target" address=91.206.226.0-91.206.227.255
    pake protocol 17(UDP) ip nya si 91.206.227.131:53

  5. #4
    Status
    Offline
    ripmanis's Avatar
    VIP Member
    Join Date
    Dec 2008
    Location
    Balikpapan as Balikpapaners
    Posts
    774
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by locantop Click here to enlarge
    pake protocol 17(UDP) ip nya si 91.206.227.131:53
    ya udah, tinggal nambahin protocol itu di filter... beres toh, mantebh toh..
    kemungkinan sich semacam P2P gitu... coba mainkan p2p filternya, masalahnya klo p2p, target ip selalu berubah alias dinamik, gak bisa pake masukin destinasi ke address-list, mabok ente.

    mainkan p2p filter itu sekedar jaga2 kalo ente gak mau ada p2p di tempat ente, dan kalau ternyata ada, baru mainkan lebih lanjut. hokeeeeh...
    Last edited by ripmanis; 03-08-2009 at 11:54.

  6. #5
    Status
    Offline
    locantop's Avatar
    Member
    Join Date
    Jul 2007
    Posts
    268
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    masih tembus juga aneh udah di blok di filter si jalan. tp masih narik aja upload nya.

  7. #6
    Status
    Offline
    ripmanis's Avatar
    VIP Member
    Join Date
    Dec 2008
    Location
    Balikpapan as Balikpapaners
    Posts
    774
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by locantop Click here to enlarge
    masih tembus juga aneh udah di blok di filter si jalan. tp masih narik aja upload nya.
    emang situ bikin confignya gimana ? coba copas bagian Filter disini..

  8. #7
    Status
    Offline
    dencow's Avatar
    Forum Guru
    Join Date
    Jan 2008
    Posts
    1,728
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    1 (100%)
    port 53 UDP yak?
    bukannya itu biasa dipake buat mesin DNS?
    coba aja bikin forwarder rule untuk memforward request ke"sono" menjadi ke DNS setempat

  9. #8
    Status
    Offline
    dencow's Avatar
    Forum Guru
    Join Date
    Jan 2008
    Posts
    1,728
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    1 (100%)
    oh ya, emang dikasih jatah queue seperti gang kancil atau seperti jalan sukarno hatta? Click here to enlarge

  10. #9
    Status
    Offline
    locantop's Avatar
    Member
    Join Date
    Jul 2007
    Posts
    268
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by ripmanis Click here to enlarge
    emang situ bikin confignya gimana ? coba copas bagian Filter disini..
    chain=forward action=drop protocol=udp dst-address-list=Unknown target
    in-interface=LAN dst-port=53

  11. #10
    Status
    Offline
    pesonk's Avatar
    Member
    Join Date
    Jul 2009
    Posts
    176
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by locantop Click here to enlarge
    chain=forward action=drop protocol=udp dst-address-list=Unknown target
    in-interface=LAN dst-port=53
    begitu udah bener kok.. sekarang traffic uploadnya itu mentok di mikrotik gak ? (0 kbps) ?!
    setelah filter itu ada, liat torch lagi gak !? Click here to enlarge

  12. #11
    Status
    Offline
    locantop's Avatar
    Member
    Join Date
    Jul 2007
    Posts
    268
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by pesonk Click here to enlarge
    begitu udah bener kok.. sekarang traffic uploadnya itu mentok di mikrotik gak ? (0 kbps) ?!
    setelah filter itu ada, liat torch lagi gak !? Click here to enlarge
    sama masih mentok

  13. #12
    Status
    Offline
    pesonk's Avatar
    Member
    Join Date
    Jul 2009
    Posts
    176
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by locantop Click here to enlarge
    sama masih mentok
    maksudnya mentok di mikrotik ? atau saat menuju target tersebut ada data yang lewat !?

  14. #13
    Status
    Offline
    zainalk29's Avatar
    Member Super Senior
    Join Date
    Aug 2007
    Location
    Banjarmasin, Yogyakarta, Indonesia
    Posts
    676
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    dipastikan dulu bos. ip client kamu selalu konek ke ip 91.206.227.131 yach yang banyak makan upload??? kalau iya block aja tujuan ip itu.

  15. #14
    Status
    Offline
    yosanpro's Avatar
    Co-Admin
    Join Date
    Nov 2007
    Location
    Bantul, Bantul, Yogyakarta
    Posts
    2,548
    Reviews
    Read 0 Reviews
    Downloads
    11
    Uploads
    4
    Feedback Score
    1 (100%)
    Bersihin aja spyware/virus nya kalo emang ada, ntar udah diblokir IP itu si spyware marah dan mengalihkan target ke tempat lain Click here to enlarge...

    Anyway, bener kata bro dencow, port 53 UDP itu biasanya dipake buat DNS. Anehnya lagi, saat aku coba akses IP 91.206.227.131 di browser, kok keluarnya tulisan blockdos.net, padahal IP itu dari Ukraine, nggak tahu apakah ini salah satu strategi si blockdos.net memasarkan produknya atau emang ada hacker yang ingin menyerang situs itu, atau hanya kebetulan aja.

  16. #15
    Status
    Offline
    pesonk's Avatar
    Member
    Join Date
    Jul 2009
    Posts
    176
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    salam kenal sebelumnya untuk semua juragan Click here to enlarge

    port 53 udp emang asumsinya dipake buat dns, tapi terkadang aku mendapatkan port tersebut dipake sebagai akses p2p, itu pun liatnya dari torch dan kemudian memasukkan rule p2p di filter, dan tercatat dalam kategori gnutella.

 

 
Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Ap Brige clien ga mau konek
    By locantop in forum General Networking
    Replies: 3
    Last Post: 01-03-2009, 00:56
  2. [Ask]Blok IP YM
    By rahmatkurniawan2007 in forum Beginner Basics
    Replies: 2
    Last Post: 21-01-2009, 16:18
  3. (ask) ngeprint user ID clien dengan printer
    By durjay in forum General Networking
    Replies: 0
    Last Post: 18-11-2008, 10:15
  4. (ask) ngeprint user ID clien dengan printer billing
    By durjay in forum Beginner Basics
    Replies: 0
    Last Post: 18-11-2008, 09:43
  5. blok mac
    By k1j0r in forum Wireless Networking
    Replies: 3
    Last Post: 12-11-2007, 18:46

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •