tag:blogger.com,1999:blog-174404402011-12-06T11:38:56.064+07:00Hitam PutihElannoreply@blogger.comBlogger101100tag:blogger.com,1999:blog-17440440.post-64504008470805880892009-02-02T23:29:00.003+07:002009-02-02T23:34:31.458+07:00Firewall Mikrotik Hotspot Gateway<p style="font-family: verdana;"><span style=";font-size:100%;" lang="IN" >Catatan :<br /></span></p><p style="font-family: verdana;"><span style=";font-size:100%;" lang="IN" >1. Lan card ada 2<br />2. Alokasi IP address pada Mikrotik Hotspot Gateway :<br />- to_hotspot ip public<br />- to_hotspot 10.10.0.1/16</span></p><p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=accept protocol=icmp icmp-options=8:0 limit=1,0 comment=”Allow ICMP”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=log tcp-flags=syn protocol=tcp limit=5/1m,0 log-prefix=”Firewalled packet:” comment=”# Log Forward”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=log protocol=icmp icmp-options=8:0 limit=10/1h,0 log-prefix=”PING of Death ???” comment=”# Log PING of Death”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop src-address=169.254.0.0/16 comment=”# Block bad IP address”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop src-address=224.0.0.0/3<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop src-address=224.0.0.0/4<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop src-address=240.0.0.0/5<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop src-address=248.0.0.0/5<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop src-address=255.255.255.255<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop connection-state=invalid comment=”# Drop invalid connections”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=accept protocol=icmp icmp-options=8:0 limit=5,0 comment=”# Allow ICMP”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=log protocol=icmp icmp-options=8:0 limit=10/1h,0 log-prefix=”PING of Death ???” comment=”# Log PING of Death”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=log tcp-flags=syn protocol=tcp limit=5/1m,0 log-prefix=”Firewalled packet:” comment=”# Log input”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop protocol=icmp comment=”# Block PING of Death”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop in-interface=to_internet src-address=10.0.0.0/8 comment=”# Interface facing Public Internet Inbound Section RFC 1918″<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop in-interface=to_internet src-address=202.91.11.6<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop in-interface=to_internet src-address=192.168.0.0/16<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop in-interface=to_internet src-address=202.91.8.160/29<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop src-address=0.0.0.0/8<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=input action=jump jump-target=block-input comment=”# Jump to block-input”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=forward action=jump jump-target=block-forward comment=”# Jump to block-forward”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=forward action=jump jump-target=block-ddos protocol=udp comment=”# Jump to block-ddos”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=forward action=jump jump-target=block-service comment=”# Jump to block-service”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-service action=drop p2p=all-p2p comment=”# Block ports you don’t want it insert here ..:: drop p2p ::..”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-service action=drop out-interface=to_internet dst-port=5050 protocol=tcp comment=”..:: drop yahoo messenger ::..”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-service action=drop out-interface=to_internet dst-port=6666-7000 protocol=tcp comment=”..:: drop irc ::..”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop src-address=127.0.0.0/8<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop src-address=169.254.0.0/16<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop src-address=172.16.0.0/12<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop src-address=192.0.2.0/24<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop src-address=204.152.64.0/23<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop src-address=224.0.0.0/3<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop src-address=224.0.0.0/4<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop src-address=240.0.0.0/5<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop src-address=248.0.0.0/5<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop src-address=255.255.255.255<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop in-interface=to_internet src-address=202.91.8.167 comment=”# Block Smurf Attack on all interface”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop in-interface=to_internet src-address=202.91.11.7<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop in-interface=to_hotspot src-address=10.10.255.255<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop in-interface=to_proxy src-address=192.168.100.255<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop dst-port=113 protocol=tcp comment=”# Block Ident”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop fragment=yes comment=”# Block IP Frags”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop ipv4-options=loose-source-routing comment=”# Blocked source routed packets lsrr and ssrr”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop ipv4-options=strict-source-routing<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=reject reject-with=tcp-reset in-interface=to_internet dst-port=80 protocol=tcp comment=”# Reject connection from internet to port 80”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=reject reject-with=tcp-reset tcp-flags=syn,ack connection-state=new protocol=tcp comment=”# Reject Bad TCP”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop protocol=icmp comment=”# Block PING of Death”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop in-interface=to_internet dst-port=23 protocol=tcp comment=”# Block Telnet come from Internet”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop in-interface=to_hotspot dst-port=23 protocol=tcp comment=”# Block Telnet come from Hotspot”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop dst-port=137-139 protocol=tcp comment=”# Block Netbios Sessions tcp”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop dst-port=137-139 protocol=tcp comment=”# Block Netbios Sessions tcp”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop dst-port=137-139 protocol=udp comment=”# Block Netbios Sessions udp”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop dst-port=135-139 protocol=udp comment=”# Block Netbios Sessions udp”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-ddos action=return limit=16,32<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-ddos action=log log-prefix=”DDOS ATTACK:”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-ddos action=drop limit=16,32<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=input action=jump jump-target=block-ddos protocol=udp comment=”# Jump to block-ddos”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=tcp-flags action=jump jump-target=bad-flags tcp-flags=fin,!ack protocol=tcp comment=”# tcp-flags jumpt to bad-flags”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=tcp-flags action=jump jump-target=bad-flags tcp-flags=psh,!ack protocol=tcp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=tcp-flags action=jump jump-target=bad-flags tcp-flags=urg,!ack protocol=tcp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=tcp-flags action=jump jump-target=bad-flags tcp-flags=fin,rst protocol=tcp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=tcp-flags action=jump jump-target=bad-flags tcp-flags=fin,syn protocol=tcp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=tcp-flags action=jump jump-target=bad-flags tcp-flags=syn,rst protocol=tcp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=tcp-flags action=jump jump-target=bad-flags tcp-flags=fin,syn,rst,psh,ack,urg,ece,cwr protocol=tcp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=tcp-flags protocol=tcp action=jump jump-target=bad-flags tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg,!ece,!cwr<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=tcp-flags protocol=tcp action=jump jump-target=bad-flags tcp-flags=fin,psh,urg,!syn,!rst,!ack,!ece,!cwr<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=tcp-flags action=jump jump-target=bad-flags tcp-flags=fin,syn,psh,urg,!rst,!ack,!ece,!cwr protocol=tcp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=tcp-flags action=jump jump-target=bad-flags tcp-flags=fin,syn,rst,ack,urg,!psh,!ece,!cwr protocol=tcp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=input action=jump jump-target=tcp-flags protocol=tcp comment=”# Jump to tcp-flags”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=bad-flags action=log log-prefix=”TCP BAD FLAGS:”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=bad-flags action=drop<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=syn-flood action=return tcp-flags=syn,!fin,!rst,!ack protocol=tcp limit=5,10<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=syn-flood action=return protocol=!tcp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=syn-flood action=return tcp-flags=!,syn,!fin,!rst,!ack protocol=tcp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=syn-flood action=log log-prefix=”SYN FLOOD:”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=syn-flood action=drop<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=input action=jump jump-target=syn-flood tcp-flags=syn,!fin,!rst,!ack protocol=tcp comment=”# Jump to syn-flood”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop dst-port=445 protocol=tcp comment=”# Block CIFS tcp”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop dst-port=135 protocol=tcp comment=”# Block RPC Portmapper”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop dst-port=135 protocol=udp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop dst-port=111 protocol=tcp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop dst-port=135 protocol=tcp comment=”# Block RPC Portmapper”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop dst-port=135 protocol=udp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop dst-port=111 protocol=tcp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop dst-port=111 protocol=udp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop dst-port=445 protocol=tcp comment=”# Block CIFS tcp”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop dst-port=111 protocol=udp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop dst-port=69 protocol=tcp comment=”# Block TFTP”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop dst-port=69 protocol=tcp comment=”# Block TFTP”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop dst-port=69 protocol=udp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop dst-port=20034 protocol=tcp comment=”# Block Netbus”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop dst-port=20034 protocol=udp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop dst-port=3133 protocol=tcp comment=”# Block Back0riffice”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop dst-port=3133 protocol=udp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop dst-port=69 protocol=udp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop dst-port=20034 protocol=tcp comment=”# Block Netbus”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop dst-port=20034 protocol=udp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop dst-port=3133 protocol=tcp comment=”# Block Back0riffice”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop dst-port=3133 protocol=udp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop dst-port=2049 protocol=udp comment=”# Block NFS”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-input action=drop dst-port=2049 protocol=tcp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop dst-port=2049 protocol=udp comment=”# Block NFS”<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-forward action=drop dst-port=2049 protocol=tcp<o:p></o:p></span></p> <p style="font-family: verdana;"><span style="" lang="IN">/ip firewall filter add chain=block-service action=drop out-interface=to_internet dst-port=1818 protocol=tcp comment=”# Block Game online”<o:p></o:p></span></p> <span style="font-family: verdana;" lang="IN">/ip firewall filter add chain=block-service action=drop out-interface=to_internet dst-port=6112 protocol=tcp</span><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/17440440-6450400847080588089?l=mrlans.blogspot.com' alt='' /></div>Elannoreply@blogger.com0tag:blogger.com,1999:blog-17440440.post-39230282348511217702009-02-02T17:24:00.007+07:002009-02-02T18:11:26.927+07:00Setting Mikrotik Untuk Router<span style="font-weight: bold;">KONFIGURASI FIREWALL DAN NETWORK</span><br /><p class="MsoNormal"><span style="" lang="IN">#/ip firewall nat add action=masquerade chain=srcnat<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip firewall filter add chain=input connection-state=invalid action=drop<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip firewall filter add chain=input protocol=udp action=accept<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip firewall filter add chain=input protocol=icmp action=accept<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip firewall filter add chain=input in-interface=(ethernet card yg ke lan) action=accept<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip firewall filter add chain=input in-interface=(ethernet card yg ke internet) action=accept<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip firewall filter add chain=input action=drop<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN"><span style=""> Jika Anda menggunakan Web Proxy :</span><o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip web-proxy set enabled=yes src-address=0.0.0.0. port=8080 hostname=”” parent-proxy=0.0.0.0:0 cache-administrator=”webmaster” max-object-size=4096KiB cache-drive=system max-cache-size=unlimited max-ram-cache-size=unlimited <o:p></o:p></span></p><span style="" lang="IN">#/ip firewall nat add chain=dstnat protocol=tcp dst-port=80 action=redirect to-ports=3128<br />#/ip firewall nat add in-interface=modem dst-port=80 protocol=tcp action=redirect </span><span style="" lang="IN">to-ports=3128 chain=dstnat dst-address=!192.168.0.1/24</span><span style="" lang="IN"><span style=""> </span><o:p></o:p></span> <p class="MsoNormal"><span style="" lang="IN">Yang 3128 semuanya di ganti 8080 : caranya :<span style=""> </span><o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip web-proxy set enable=yes<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip web-proxy set port=3128<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip web-proxy set max-cache-size=3145728<span style=""> </span>( 3 kali total ram )<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip web-proxy set hostname=”proxy.saya”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip web-proxy set allow-remote-requests=yes<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip web-proxy set cache-administrator: “emailku@yahoo.com”</span></p><p class="MsoNormal"> </p><p class="MsoNormal"><b style=""><span style="" lang="IN">FILTERING :<o:p></o:p></span></b></p> <p class="MsoNormal"><span style="" lang="IN">#/ ip firewall filter <o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=input connection-state=invalid action=drop comment=”Drop Invalid connections”<span style=""> </span><o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=input connection-state=established action=accept comment=”Allow Established connections”<span style=""> </span><o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=input protocol=udp action=accept comment=”Allow UDP”<span style=""> </span><o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=input protocol=icmp action=accept comment=”Allow ICMP” <o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=input src-address=192.168.0.0/24 action=accept comment=”Allow access to router from known network” <o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=input action=drop comment=”Drop anything else”<span style=""> </span><o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN"><span style=""> </span><o:p></o:p></span><br /><b style=""><span style="" lang="IN">ANTI VIRUS UNTUK MIKROTIK :<o:p></o:p></span></b></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=forward action=jump jump-target=virus comment=”jump to the virus chain”<span style=""> </span><o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=forward protocol=icmp comment=”allow ping”add chain=forward protocol=udp comment=”allow udp”add chain=forward action=drop comment=”drop everything else“<o:p><br /></o:p></span></p> <p class="MsoNormal"><b style=""><span style="" lang="IN">SECURITY ROUTER MIKROTIK ANDA :<o:p></o:p></span></b></p> <p class="MsoNormal"><span style="" lang="IN">/ ip firewall filter<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=input connection-state=established comment=”Accept established connections”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=input connection-state=related comment=”Accept related connections”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=input connection-state=invalid action=drop comment=”Drop invalid connections”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=input protocol=udp action=accept comment=”UDP” disabled=no<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=input protocol=icmp limit=50/5s,2 comment=”Allow limited pings”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=input protocol=icmp action=drop comment=”Drop excess pings”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=input protocol=tcp dst-port=22 comment=”SSH for secure shell”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=input protocol=tcp dst-port=8291 comment=”winbox”<o:p></o:p></span></p> <p class="MsoNormal"><b style=""><span style="" lang="IN"># End of Edit #<o:p></o:p></span></b></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=input action=log log-prefix=”DROP INPUT” comment=”Log everything else”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=input action=drop comment=”Drop everything else”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN"><o:p> </o:p></span></p> <p class="MsoNormal"><b style=""><span style="" lang="IN">SETTING KEAMANAN JARINGAN HANYA UNTUK LOKAL AREA ANDA :<o:p></o:p></span></b></p> <p class="MsoNormal"><span style="" lang="IN">/ip firewall filter<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=forward connection-state=established comment=”allow established connections”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=forward connection-state=related comment=”allow related connections”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=forward connection-state=invalid action=drop comment=”drop invalid connections”<span style=""> </span><o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=135-139 action=drop comment=”Drop Blaster Worm”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=udp dst-port=135-139 action=drop comment=”Drop Messenger Worm”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=445 action=drop comment=”Drop Blaster Worm”</span></p><p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=udp dst-port=445 action=drop comment=”Drop Blaster Worm”</span></p><p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=593 action=drop comment=”________”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=1024-1030 action=drop comment=”________”<br /></span></p><p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=1080 action=drop comment=”Drop MyDoom”</span></p><p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=1214 action=drop comment=”________”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=1363 action=drop comment=”ndm requester”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=1364 action=drop comment=”ndm server”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=1368 action=drop comment=”screen cast”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=1373 action=drop comment=”hromgrafx”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=1377 action=drop comment=”cichlid”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=1433-1434 action=drop comment=”Worm”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=2745 action=drop comment=”Bagle Virus”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=2283 action=drop comment=”Drop Dumaru.Y” add chain=virus protocol=tcp dst-port=2535 action=drop comment=”Drop Beagle”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=2745 action=drop comment=”Drop Beagle.C-K” add chain=virus protocol=tcp dst-port=3127-3128 action=drop comment=”Drop MyDoom”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=3410 action=drop comment=”Drop Backdoor OptixPro”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=4444 action=drop comment=”Worm”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=udp dst-port=4444 action=drop comment=”Worm”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=5554 action=drop comment=”Drop Sasser”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=8866 action=drop comment=”Drop Beagle.B”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=9898 action=drop comment=”Drop Dabber.A-B”</span></p><p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=10000 action=drop comment=”Drop Dumaru.Y”</span></p><p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=10080 action=drop comment=”Drop MyDoom.B”</span></p><p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=12345 action=drop comment=”Drop NetBus”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=17300 action=drop comment=”Drop Kuang2″<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=27374 action=drop comment=”Drop SubSeven”</span></p><p class="MsoNormal"><span style="" lang="IN">#add chain=virus protocol=tcp dst-port=65506 action=drop comment=”Drop PhatBot, Agobot, Gaobot”<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN"><o:p> </o:p></span></p> <p class="MsoNormal"><b style=""><span style="" lang="IN"><span style=""> </span>#MatikanPort yang Biasa di pakai Spam :<o:p></o:p></span></b></p> <p class="MsoNormal"><span style="" lang="IN">#/ip firewall filter add chain=forward dst-port=135-139 protocol=tcp action=drop<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip firewall filter add chain=forward dst-port=135-139 protocol=udp action=drop<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip firewall filter add chain=forward dst-port=445 protocol=tcp action=drop<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip firewall filter add chain=forward dst-port=445 protocol=udp action=drop<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip firewall filter add chain=forward dst-port=593 protocol=tcp action=drop<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip firewall filter add chain=forward dst-port=4444 protocol=tcp action=drop<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip firewall filter add chain=forward dst-port=5554 protocol=tcp action=drop<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip firewall filter add chain=forward dst-port=9996 protocol=tcp action=drop<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip firewall filter add chain=forward dst-port=995-999 protocol=udp action=drop<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip firewall filter add chain=forward dst-port=53 protocol=tcp action=drop<o:p></o:p></span></p> <p class="MsoNormal"><span style="" lang="IN">#/ip firewall filter add chain=forward dst-port=55 protocol=tcp action=drop</span><span style="" lang="IN"><o:p></o:p></span></p><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/17440440-3923028234851121770?l=mrlans.blogspot.com' alt='' /></div>Elannoreply@blogger.com0tag:blogger.com,1999:blog-17440440.post-1157705086735128342006-09-08T15:27:00.000+07:002009-02-02T17:42:20.546+07:00Install Apache, PHP dan MySQL pada WindowsInstall Apache, MySQL dan PHP pada Windows <br /><br />1. Download Apache 2.x <br />Download Apache 2.x.x di situs http://httpd.apache.org/download.cgi pilih versi untuk Win32 Binary (MSI Installer):apache_2.x.x-win32-x86-no_ssl.msi <br />2. Install apache 2.x <br />Cari file yang telah di download, klik dua kali lalu klik Next pada screen install : <br />Server Information <br />Isi dengan “localhost” klik Next <br />Destination Folder <br />Klik Change dengan folder defaultnya “C:\Program Files\Apache Group\” ganti dengan “C:\” tanpa quota. Klik OK dan lanjutkan proses installasi hingga selesai. <br />3. Jalankan Apache <br />Untuk menjalankan Apache pada Windows, yaitu dengan cara klik Start=>Programs=>Apache HTTP Server 2.x.x=>Control Apache Server=>Start. <br />Buat file dengan nama index.html seperti berikut : <br />//<html><br />//<body><br />Apache sudah jalan…… <br />//<body><br />//<html><br /><br />Simpan file tersebut di folder “C:\Apache2\htdocs” <br />Buka browser lalu ketikan http://localhost/ atau http://127.0.01/, jika muncul tulisan “Apache sudah jalan……” berarti Apache sudah jalan. <br />4. Downlaod dan Install PHP <br />Download PHP versi 4.3.10 atau yang terbaru di situs http://www.php.net/downloads.php, dan cari versi Windows Binaries. Download paket zip, not installer. <br />Ekstrak file tersebut dan simpan di “C:\”. Rename nama fodernya menjadi php sehinga seperti ini “C:\php”. Buka file “php.ini-dist” cari : <br />Kode : <br />doc_root= <br />Ganti menjadi : <br />doc_root=”c:\apache2\htdocs” <br />Kode: <br />extension_dir=”./” <br />Ganti menjadi: <br />extension_dir=”c:\php\extensions” <br />Simpan file tersebut di “C:\Windows” dengan nama “php.ini” <br />Salin file “php4ts.dll” ke direktori “C:\Windows” <br />5. Konfigurasi Apache <br />Buka file httpd.conf pada direktori “C:\Apache2\conf\httpd.conf” cari kode : <br />#LoadModule ssl_module modules/mod_ssl.so <br />Tambahkan dibawahnya dengan : <br />LoadModule php4_module "c:/php/sapi/php4apache2.dll" <br />dan <br />AddType application/x-httpd-php .php <br /><br />Simpan dan Restart Apache. Untuk mengetes apakah php sudah jalan, buat file dengan nama info.php dengan listing program : <br /><br />Simpan pada direktori “C:\Apache2\htdocs\info.php”. Buka pada browser dan ketikan http:\\localhost\info.php, jika muncul tampilan tentang informasi php, berarti php sudah jalan. <br />6. Download MySQL <br />Untuk mendapatkan software MySQL download pada situs http://www.mysql.com/downloads/index.html dan pilih MySQL database server and standartd clients: klik pada Production release. Disini penulis memakai versi 4.0.26. <br />7. Install MySQL <br />Double klik file hasil download untuk memulai Install MySQL. Klik Next kemudian pilih Custom dan Developer Componentsnya jangan diinstall dan klik next untuk melanjutkan proses installasi. <br />Pada pilihan Look in pilih “C:\mysql” lalu klik OK. Pada jendela berikutnya klik Install dan tunggu sampai Prosesnya selesai. <br />Pilih Skip Sign Up dan klik next, pada jendela berikutnya klik Finish. Tampilan berikutnya akan ditampilkan jendela Konfigurasi, klik Next, pada jendela berikutnya pilih Standard Configuration. Dan pada jendela berikutnya pilih “Install As Windows Service” dan cecklist “Launch the MySQL Server automatically” klik Next. Jendela berikutnya akan ditampilkan jendela Scurity. Isi password sesuai dengan keinginan kita dan jangan sampai lupa, klik Next. <br />8. Tes MySQL <br />Buat file dengan nama "connect.php" :<br /><br />//<?php<br />//$con = mysql_connect("localhost","peter","abc123");<br />//if (!$con)<br /> //{<br /> //die('Could not connect: ' . mysql_error());<br /> //}<br /><br />// some code<br /><br />//?><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/17440440-115770508673512834?l=mrlans.blogspot.com' alt='' /></div>Elannoreply@blogger.com0tag:blogger.com,1999:blog-17440440.post-1149646803935729782006-06-07T08:23:00.000+07:002006-06-07T09:20:04.413+07:00Istall DHCP Server di FreeBSD<strong>1. Apa itu DHCP?</strong><br />Dynamic Host Configuration Protocol (DHCP) adalah suatu protokol untuk mengotomatiskan tugas IP menunjuk ke suatu jaringan. Masing-Masing komputer yang dihubungkan ke suatu jaringan harus mempunyai suatu IP unik, dan tanpa DHCP TCP/IP informasi harus ditugaskan dengan cara manual pada masing-masing komputer.<br /><strong>2. Installing ISC DHCP</strong><br />ISC DHCP Server adalah suatu implementasi gratis untuk DHCP protokol. Software tersebut dapat kita download di situs <a href="http://www.isc.org/products/DHCP">www.isc.org/products/DHCP</a>.<br />Sebelum kita mulai installasi, pastikan bpf device sudah di-compile kedalam kernel. Jika kita sedang menggunakan kernel default (GENERIC), maka kita harus konfigur kedalam kernel secara default.<br />Langkah-langkahnya adalah :<br />Anda harus login sebagai root, download terlebih dahulu software untuk DHCPnya.<br />#wget http://ftp.isc.org/isc/dhcp/dhcp-3.0.4.tar.gz<br />Kemudian extract file tersebut dengan cara :<br />#tar -zxvf dhcp-3.0.4.tar.gz<br />Ok... selesai extract langkah selanjutnya adalah proses installasi.<br /># cd /usr/ports/net/isc-dhcp3-server<br /># make install clean<br />Satu langkah sudah selesai menginstall, kita pindah ke konfigurasi server. sebagai contoh konfigurasi pada file usr/local/etc/dhcpd.conf.sample anda dapat menyalin atau mengganti nama menjadi dhcpd.conf.<br /><strong>3. Konfigurasi</strong><br />Kita dapat menggunakan editor teks favorit kita untuk mengedit dhcpd configuration file.<br />option domain-name "example.com";<br /># the domain-name option specifies the domain provided to clients as the default search domain.<br />option domain-name-servers dns1.example.com, dns2.example.com;<br /><br /># the domain-name-servers provide clients with the DNS server.Replace this with your DNS server.<br />default-lease-time 86400;<br />max-lease-time 86400;<br /><br /># The default lease expiry time in seconds<br /># This is the maximum length of time that the server will lease for.<br />authoritative;<br /><br /># If this DHCP server is the official DHCP server for the local<br /># network, the authoritative directive should be uncommented.<br />ddns-update-style none;<br /># Use this to send dhcp log messages to a different log file (you also have to hack syslog.conf to complete the redirection).log-facility local7;<br /><br />subnet 192.168.0.0 netmask 255.255.255.0 {<br />range 192.168.0.5 192.168.0.25;<br />option routers 192.168.0.1;<br />}<br />host pingpong {<br />hardware ethernet 00:00:00:00:00:00; [1] <br />fixed-address pingpong; [2] <br />default-lease-time 604800; <br />max-lease-time 604800;<br />}<br /># [1] You should change this to the hardware MAC address of the client<br /># [2] You should provide this with a valid hostname, and dhcp server will resolve the hostname before returning the lease to the client. I edited /etc/hosts and specify pingpong with my IP address.<br /><strong>4. Menjalankan DHCP pada starup</strong><br />Edit file pada direktori /etc/rc.conf, isinya :<br />dhcpd_enable="YES"<br />dhcpd_flags="-q"<br />dhcpd_conf="/usr/local/etc/dhcpd.conf"<br />dhcpd_withumask="022"<br />dhcpd_chuser_enable="YES"<br />dhcpd_withuser="dhcpd"<br />dhcpd_withgroup="dhcpd"<br />dhcpd_ifaces=”rl1”<br /><br />Start DHCP dengan perintah berikut :<br /># /usr/local/etc/rc.d/isc-dhcpd.sh start<br /><br />Ok... sekarang installasi sudah selesai. Semoga bermanfaat buat kita semua.<br />Selamat mencoba.<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/17440440-114964680393572978?l=mrlans.blogspot.com' alt='' /></div>Elannoreply@blogger.com0tag:blogger.com,1999:blog-17440440.post-1149124966473226092006-06-01T08:16:00.000+07:002006-06-06T15:22:56.300+07:00Install xampp di LinuxOk, yang pertama mungkin kita harus tahu dulu apa itu xampp? xampp yaitu suatu program untuk aplikasi Web Server yang berisi PHP, MySQL, Apache dan PHPMyAdmin. Dengan program ini kita tidak perlu susah payah install satu persatu. And........ langsung aja kita mulai langkah2 install-nya.......<br /><br /><strong>1. Langkah Pertama Download xampp</strong><br />Anda bisa mendownload xampp dengan cara :<br />#wget http://nchc.dl.sourceforge.net/sourceforge/xampp/xampp-linux-1.5.3a.tar.gz<br />atau<br />#lynx http://nchc.dl.sourceforge.net/sourceforge/xampp/xampp-linux-1.5.3a.tar.gz<br /><br /><strong>2. Langkah Kedua Installasi</strong><br />- masuk ke Linux Sell dan login sebagai root.<br />- extract file hasil download tersebut ke direktori /opt :<br />#tar xvfz xampp-linux-1.5.3.tar.gz -C /opt<br /><br /><strong>3. Langkah Ketiga Start</strong> <strong>xampp<br /></strong>Untuk memulai XAMPP tinggal panggil melalui perintah :<br />#/opt/lampp/lampp start<br />Maka akan muncul tampilan :<br /><br />Starting XAMPP 1.5.3...<br />LAMPP: Starting Apache...<br />LAMPP: Starting MySQL...<br />LAMPP started.<br /><br />Ready. Apache and MySQL are running<br /><br /><strong>4. Langkah Keempat adalah tinggal Test</strong><br />Buka browser anda dan ketikan : http://localhost dan akan muncul tampilan pertama dari xampp.<br /><br />And ....so install udah selesai........<br />Kalo anda ingin meng-uninstall program tersebut caranya :<br />#rm -rf /opt/lampp<br /><br /><div align="center">---- Ok met mencoba ----</div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/17440440-114912496647322609?l=mrlans.blogspot.com' alt='' /></div>Elannoreply@blogger.com3tag:blogger.com,1999:blog-17440440.post-1134544421110528852005-12-14T14:05:00.000+07:002005-12-30T22:10:59.196+07:00Install dan Konfigurasi Squid Proxy serverPertama kali adalah download squid versi terbaru di www.squid-cache.org <br />Saya coba pake squid versi 2.5 STABLE12.<br />Contoh :<br />#lynx http://www.squid-cache.org/Versions/v2/2.5/squid-2.5.STABLE12.tar.gz<br /><br />- extract squid :<br />#tar -zxvf squid-2.5.STABLE12.tar.gz<br />#cd squid-2.5.STABLE12<br />#./configure --enable-delay-pools --enable-ipf-transparent --enable-storeio=diskd,ufs --enable-storeio=diskd,ufs --disable-ident-lookups --enable-snmp --enable-removal-policies<br />#make all<br />#make install<br /><br />Selesai install squidnya, tinggal konfigurasi squid.<br /><br /># ee /usr/local/squid/etc/squid.conf<br />silahkan atur sesuai keinginan anda<br /><br />- http_port 3128 ==> port buat squid<br />- httpd_accel_host virtual ==> transparent proxy<br />- httpd_accel_port 80 ==> transparent proxy<br />- httpd_accel_with_proxy on ==> transparent proxy<br />- httpd_accel_uses_host_header on ==> transparent proxy<br /><br />untuk memblokir situs porno tambahkan :<br />- acl notsex url_regex -i "/usr/local/squid/etc/notsex"<br />- acl sex url_regex -i "/usr/local/squid/etc/sex" <br />- http_access deny sex all<br />- http_access allow notsex all<br />- http_access allow all<br /><br />buat file sex :<br /># ee /usr/local/squid/etc/sex<br />masukan list situs porno yang akan di blok misal :<br />www.17tahun.com<br />17tahun.com<br />17tahun<br />dewasa.tk<br />uh-oh.com<br />dll<br /><br />trus buat file notsex :<br /># ee /usr/local/squid/etc/notsex<br />.*.msexchange.* <br />.*.msexcel.* <br />.*freetown.* <br />.*geek-girls.* <br />.*scsext.* <br />missingheart <br />documen <br />button <br />wirelessexcite<br />dll...<br /><br />Kalau sudah cukup konfigurasinya simpan.<br /><br />buat directori cache<br /># mkdir /usr/local/squid/var/cache<br /># chmod 777 /usr/local/squid/var/*<br /><br />tinggal jalanin squidnya.<br /><br /># /usr/local/squid/sbin/squid -z ( cukup satu kali )<br /># /usr/local/squid/sbin/squid<br /><br />tinggal test di client dengan memasukan proxy servernya. <br />coba buka satu situs kalo bisa kebuka berarti jalan...<br />buka www.17tahun.com kalo gak bisa kebuka berarti bloking situs porno jalan.<br /><br />Untuk Transparent Proxy :<br /><br />edit /etc/rc.local<br />#ee /etc/rc.local<br />isinya :<br /><br />/usr/local/squid/sbin/squid<br /><br />ipfw add 30000 allow tcp from (ip.proxy.anda -> misalkan 192.168.1.1) to any 80 <br />ipfw add 30010 fwd (ip.proxy.anda -> misalkan 192.168.1.1),(port_proxy -> misalkan 8080 )tcp from any to any 80<br /><br />simpan<br /><br />dan reboot pc.<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/17440440-113454442111052885?l=mrlans.blogspot.com' alt='' /></div>Elannoreply@blogger.com11tag:blogger.com,1999:blog-17440440.post-1132479888561037562005-11-20T16:40:00.000+07:002005-11-20T16:44:48.563+07:00Lupa Password di FreeBSDApa yang harus dilakukan jika anda melupakan password di FreeBSD ?<br /><br /><br />Langkah-langkah yang harus dilakukan adalah :<br /><br />1. Hidupkan dolo PC nya.<br />2. Perhatikan saat OS mulai tampil pesan seperti :<br /><br /> Hit [Enter] to boot immediately, or any other key for command prompt.<br /> Booting [kernel] in 10 seconds...<br /><br />3. Kemudian cepat Tekan tombol spacebar, dan akan terlihat pesan <br />berikut ini :<br /><br /> Type '?' for a list of commands, or 'help' for more detailed help.<br /> ( ok )<br /> kemudian ketik : boot -s<br /> Tekan tombol ENTER untuk memulai FreeBSD dalam single user mode.<br /><br />4. maka Setelah system di boot akan terlihat pesan berikut:<br /><br /> Enter full pathname of shell or RETURN for /bin/sh:<br /> Tekan tomnbol ENTER dan kita akan masuk ke # prompt.<br /><br />5. lalu Aktifkan file system, Karen filenya cuma read only maka lakukan<br />command :<br /><br /> # mount -t ufs -a<br /> # passwd<br /> New password: trustix123 ( contoh passwd )<br /> Retype new password: trustix123<br /> passwd: updating the database...<br /> passwd: done<br /> # exit<br /><br />6. Kemudian Coba reboot PC nya lalu login sebagai multi user ( login<br />seperti biasa ).<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/17440440-113247988856103756?l=mrlans.blogspot.com' alt='' /></div>Elannoreply@blogger.com0tag:blogger.com,1999:blog-17440440.post-1132479249879804942005-11-20T16:26:00.000+07:002005-11-20T16:34:09.893+07:00File Transfer ProtocolFTP (File Transfer Protocol) merupakan salah satu fasilitas yang berguna untuk mentransfer data dari server salah satu host yang Anda masuki ke dalam komputer local (download) dan sebaliknya (upload). Sebagian server FTP mensyaratkan Anda memiliki login dan password untuk dapat mengakses ke dalamnya, tetapi ada juga yang tidak mensyaratkan demikian. Server FTP ini disebut Server FTP Public atau Anonymous FTP, anda dapat menggunakan anonymous untuk login dan alamat email Anda untuk passwordnya.<br />open<br /><br /> Perintah open digunakan untuk memasuki server FTP salah satu host. Cara penggunaannya adalah :<br /><br /> ftp> open ftp.ukdw.ac.id<br /> Connected to ns1.ukdw.ac.id.<br /> 220 ns1.ukdw.ac.id FTP server (Version wu-2.4.2-academ[BETA-15](1) Fri Oct 17 17:07:33<br /> PDT 1997) ready.<br /> User (ns1.ukdw.ac.id:(none)): anonymous<br /> 331 Guest login ok, send your complete e-mail address as password.<br /> Password:<br /><br /> Setelah memasuki server FTP, anda akan diminta untuk memasukan login dan password.<br /><br />dir/ls<br /><br /> Perintah ini digunakan untuk melihat isi dari direktori. Perbedaan antara ls dan dir adalah jika menggunakan perintah ls isi direktori yang ditampilkan tidak lengkap (kecuali Anda menyertakan option -l) dan perintah dir akan menampilkan isi direktori yang lengkap dengan besar file, tanggal modifikasi dan lain-lain.<br /><br /> ftp> ls -l<br /> 200 PORT command successful.<br /> 150 Opening ASCII mode data connection for /bin/ls.<br /> total 24<br /> dr-xr-xr-x 7 ftp operator 512 Feb 6 10:06 FreeBSD<br /> dr-xr-xr-x 4 ftp operator 1024 Mar 18 10:30 cdrom<br /> dr-xr-xr-x 6 ftp operator 512 Mar 4 12:09 emulators<br /> dr-xr-xr-x 2 ftp operator 512 Feb 6 10:08 fp98<br /> dr-xr-xr-x 2 ftp operator 512 Dec 11 07:04 gis<br /> dr-xr-xr-x 2 ftp operator 512 Dec 13 05:57 glimpse<br /> dr-xr-xr-x 2 ftp operator 1536 Jan 10 03:43 mp3<br /> dr-xr-xr-x 7 ftp operator 512 Dec 2 06:04 quickcam<br /> dr-xr-xr-x 2 ftp operator 512 Dec 10 08:26 socks5<br /> dr-xr-xr-x 5 ftp operator 512 Nov 25 19:05 viruscan<br /> dr-xr-xr-x 4 ftp operator 512 Nov 25 17:49 windows<br /> 226 Transfer complete.<br /> 616 bytes received in 0.00 seconds (616000.00 Kbytes/sec)<br /><br />cd<br /><br /> Perintah ini sama fungsinya seperti di dalam DOS, yang berfungsi untuk berpindah direktori di dalam server FTP. Biasanya file-file yang dapat di-download untuk anonymous FTP diletakkan dalam direktori pub.<br /><br /> ftp> cd pub/windows<br /> 250 CWD command successful.<br /><br />mkdir<br /><br /> Perintah ini digunakan untuk membuat suatu direktori. Tetapi jika anda mengakses anonymous FTP, maka anda tidak dapat membuat direktori di dalam server tersebut, jika hak akses direktorinya rwxr-xr-x. Namun ada beberapa FTP server yang memperbolehkan anonymous user untuk membuat direktori, biasanya direktori ini dinamakan incoming.<br /><br />lcd<br /><br /> Perintah ini digunakan untuk mengeset direktori pada komputer local anda. Perintah ini menentukan di mana file yang Anda download (get) atau file yang akan Anda upload (put) berada.<br /><br /> ftp> lcd \windows\desktop<br /> Local directory now C:\windows\Desktop<br /><br />ascii dan binary<br /><br /> Mode ascii digunakan jika anda akan men-download atau meng-upload file yang bermode teks. Jika selain mode teks seperti file terkompresi (.zip), program (.exe), atau file-file lain yang bukan bermode teks gunakan mode binary.<br /><br /> ftp> ascii<br /> 200 Type set to A.<br /><br /> ftp> binary<br /> 200 Type set to I.<br /><br />hash<br /><br /> Perintah hash berguna untuk mengetahui jalannya proses transfer file dari/ke server FTP dengan diberi tanda #. Setiap tanda # bernilai 2048 byte (untuk FTP client Windows 95) atau 1024 byte (untuk FTP client pada UNIX). Dengan demikian dapat diperkirakan status download/upload yang sedang dilakukan, telah mencapai berapa byte (dapat dipantau dengan menghitung tanda # per baris, satu baris=80 kolom -> 80 * 1024 byte atau 80 * 2048 byte per baris). Sebenarnya tanpa perintah hash, proses transfer file dapat berjalan tetapi kita tidak dapat mengetahui apakah transfer data itu masih berjalan atau tidak.<br /><br /> ftp> hash<br /> Hash mark printing On (2048 bytes/hash mark).<br /><br />prompt<br /><br /> Perintah ini berguna jika Anda yakin pada saat Anda menggunakan mget atau mput, Anda tidak ingin diminta konfirmasi satu per satu file yang akan di-download/di-upload. Perintah prompt bersifat toggle, dia akan mengatur setting on atau off sesuai keadaan sekarang.<br /><br />put dan mput<br /><br /> Perintah ini digunakan untuk mentransfer file dari komputer local ke server FTP (upload). Perbedaan put dan mput adalah jika menggunakan perintah put maka file yang dikirim hanya satu file saja. Untuk mentransfer file lebih dari satu secara langsung maka gunakan perintah mput.<br /><br />get dan mget<br /><br /> Perintah ini digunakan untuk mengambil file dari server FTP ke komputer local (download). Perbedaannya antara get dan mget adalah jika perintah get digunakan maka file yang diambil hanya berjumlah satu file saja, sedangkan dengan perintah mget dapat diambil file berjumlah lebih dari satu secara langsung.<br /><br />close, quit, dan bye<br /><br /> Perintah close digunakan untuk menutup server FTP yang aktif sehingga Anda dapat berpindah ke server FTP lain (dengan perintah open). Dan perintah quit atau bye untuk menutup server FTP yang aktif sekaligus keluar dari program FTP.<br /><br />! (tanda seru)<br /><br /> Perintah ini digunakan untuk membuka editor DOS Prompt. Ini berguna jika anda ingin melihat apakah file yang anda download telah masuk ke dalam komputer local atau belum.<br /><br />Sebenarnya masih banyak perintah-perintah FTP yang lainnya tetapi yang dijelaskan di atas merupakan perintah umum yang sering digunakan dalam FTP. Untuk mengetahui perintah-perintah lain Anda dapat menuliskan help atau tanda tanya (?). Dan untuk mengetahui kegunaan setiap perintah Anda dapat menuliskan help atau tanda tanya (?) di depan perintah FTP yang ingin Anda ketahui kegunaannya. Selamat mencoba.<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/17440440-113247924987980494?l=mrlans.blogspot.com' alt='' /></div>Elannoreply@blogger.com1tag:blogger.com,1999:blog-17440440.post-1128443678168056552005-10-04T23:27:00.000+07:002008-01-09T11:13:03.429+07:00About me<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://bp1.blogger.com/_m8nMQIMzgLs/R4RJpfRCb1I/AAAAAAAAAAc/VO-3kqykiAY/s1600-h/beastie.gif"><img style="margin: 0pt 0pt 10px 10px; float: right; cursor: pointer;" src="http://bp1.blogger.com/_m8nMQIMzgLs/R4RJpfRCb1I/AAAAAAAAAAc/VO-3kqykiAY/s320/beastie.gif" alt="" id="BLOGGER_PHOTO_ID_5153324850735116114" border="0" /></a><br /><br /><a href="http://photos1.blogger.com/blogger/2991/1681/1600/Img_1795.6.jpg"><br /></a><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/17440440-112844367816805655?l=mrlans.blogspot.com' alt='' /></div>Elannoreply@blogger.com1tag:blogger.com,1999:blog-17440440.post-1128442818225711942005-10-04T23:20:00.000+07:002006-06-01T10:41:05.740+07:00First Posted<span style="font-family:trebuchet ms;">Halloooo Guys !!!!!!!!!!!<br />Bila kita mempunyai pengetahuan tentang sesuatu ( yang baik ), maka tidak ada salahnya bila kita berbagi tentang apa yang telah kita ketahui.<br />Dan merupakan sesuatu yang baik pula bila kita memberi tahu kepada orang yang belum tahu.<br />OK...... Aku bukannya mau nasehatin kamu - kamu semua, tapi hanya sekedar berargument aja kok.... tapi kalo emang bener, boleh donk kita terima :d<br /></span><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/17440440-112844281822571194?l=mrlans.blogspot.com' alt='' /></div>Elannoreply@blogger.com0