Banyak trafik Keluar melalui UDP


Status
Not open for further replies.

PusatHosting

Hosting Guru
kelihatannya memang ada yang tanam sesuatu di serverku
86 LEN=8200 250 DST=110.139.UID=48
24.58 LEN=8220 TIN= OUT=eth0 SRC=204.74.211.250 DST=110.139.24.58 OS=0x00 PREC=0x0LEN=8220 TOS=0x00 PREC=0x00 TTL=64 ID=57558 PROTO=UDP 0 TTL=64 ID=5643SPT=53162 DPT=6915 LEN=8200 UID=48 4 PROTO=UDP SPT=
49667 DPT=31218 IN= OUT=eth0 LEN=8200 UID=48 SRC=204.74.211.250 DST=110.139.24.58 LEN=8220 TOS=0x00 PREC=0x00 TTL=64 ID=57559
Aug 28 12:49:4PROTO=UDP SPT=35522 DPT=27680 LEN=8200 8 cancun kernel:UID=48
IN= OUT=eth0 SRIN= OUT=eth0 C=204.74.211.250SRC=204.74.211.250 DST=110.139.24.58 LEN=8220 TOS=0x00 PREC=0x00 TTL=64 ID=57560 DST=110.139.24.PROTO=UDP SPT=37215 DPT=56207 LEN=8200 58 LEN=8220 TOS=UID=48
0x00 PREC=0x00 TIN= OUT=eth0 TL=64 ID=56435 PSRC=204.74.211.250 DST=110.139.24.58 LEN=8220 TOS=0x00 PREC=0x00 TTL=64 ID=57561 ROTO=UDP SPT=508PROTO=UDP SPT=55435 DPT=61541 LEN=8200 95 DPT=52376 LENUID=48
=8200 UID=48

masih cari2, apa ada masukan untuk rule iptables mengetahui siapa yang eksekusi
 

PusatHosting

Hosting Guru
ini dia sebagian fitur file tsb bikin ruwet juga hehe
array("Enumerate",$enumerate),
array("Home",$surl),
array("Back","#\" onclick=\"history.back(1)"),
array("Forward","#\" onclick=\"history.go(1)"),
array("Up",$surl."act=ls&d=%upd&sort=%sort"),
array("Search",$surl."act=search&d=%d"),
array("Buffer",$surl."act=fsbuff&d=%d"),
array("Encoder",$surl."act=encoder&d=%d"),
array("Tools",$surl."act=tools&d=%d"),
array("Process",$surl."act=processes&d=%d"),
array("FTP Brute",$surl."act=ftpquickbrute&d=%d"),
array("Security",$surl."act=security&d=%d"),
array("SQL",$surl."act=sql&d=%d"),
array("PHP-Code",$surl."act=eval&d=%d"),
array("Backdoor",$surl."act=shbd&d=%d"),
array("BackConnect",$surl."act=backc&d=%d"),
array("Mailer",$surl."act=fxmailer&d=%d"),
array("Exploit-DB",$millink),
array("PHP-Proxy",$phprox),
array("Kill Shell",$surl."act=selfremove"),
array("Feedback",$surl."act=feedback&d=%d"),
array("DDos",$surl."act=dos&d=%d"),
array("Scanner SQLi",$surl."act=scan&d=%d"),
array("Scanner LFI",$surl."act=lfi&d=%d"),
array("Reverse IP",$surl."act=reverse"),
array("Root Exploit","http://tarantula.by.ru/localroot"),
array("Rem Root","http://125.251.142.142/zboard/local/rem"),
array("SSHDoor","http://www.prospeedperformance.com/ssh.tar.gz"),
array("Black Horse","http://dkrossarema.com/add.php"),
array("iStealer","http://pakarmedia.com/index1.php"),
array("IDC","http://indonesiancoder.com"),
array("MD5-Cracker","http://hashchecker.de/find.html"),
array("Page Admin","http://tools.vyc0d.uni.cc/login_finder"),
array("SQL Inject","http://tools.kerinci.net/?x=injector"),
array("MD5-Lookup","http://gdataonline.com/seekhash.php"),
array("Zone-h","http://zone-h.org"),
array("My Blog","http://vrologic.blogspot.com"),
array("My Forum","http://vrodin.forumxpress.net")
 

localhost

Apprentice 2.0
ada bagusnya user yang iseng tersebut dipublish juga disini agar rekan hosting yang lain dapat waspada :)
 
Status
Not open for further replies.

Top