Community discussions

MikroTik App
  4. RouterOS
  5. General

worm attack on web-proxy

Post Reply
 
User avatar
bholler
Trainer
Trainer
Topic Author
Posts: 95
Joined: Wed Feb 09, 2005 10:22 pm
Location: Nigeria
Contact:
Contact bholler

worm attack on web-proxy

Fri Mar 31, 2006 9:40 pm

hello

i have a peoblem that is not under control. i suddenly saw lots of connction on my connexction tracking in my MT box and the ystems became slow. then i looked through my web-proxy status and found out that i had almost 200 clients on a cybercfe that has only 19 computers working.

i later formatted all the systems and b4 hooking them up to the MT again i had 133 clients connection.

below is the print out of the connetionc tracking and web-proxy




MMM MMM KKK TTTTTTTTTTT KKK
MMMM MMMM KKK TTTTTTTTTTT KKK
MMM MMMM MMM III KKK KKK RRRRRR OOOOOO TTT III KKK KKK
MMM MM MMM III KKKKK RRR RRR OOO OOO TTT III KKKKK
MMM MMM III KKK KKK RRRRRR OOO OOO TTT III KKK KKK
MMM MMM III KKK KKK RRR RRR OOOOOO TTT III KKK KKK

MikroTik RouterOS 2.9 (c) 1999-2005 http://www.mikrotik.com/












Terminal vt102 detected, using multiline input mode
[admin@proxynet_core] > /ip fire conn
[admin@proxynet_core] ip firewall connection> pr
Flags: S - seen reply, A - assured
# PR.. SRC-ADDRESS DST-ADDRESS TCP-STATE TIMEOUT
0 udp 213.31.43.162:6517 255.255.255.255:6516 29s
1 igmp 213.31.43.162 224.0.0.1 8m44s
2 tcp 213.31.43.163:8080 83.76.230.157:58869 established 4d23h18m32s
3 tcp 213.31.43.163:8080 206.127.2.48:42032 established 4d23h30m36s
4 tcp 213.31.43.163:8080 83.100.161.7:62394 established 4d23h36m8s
5 SA tcp 192.168.250.252:1040 216.155.193.162:5050 established 4d23h59m48s
6 tcp 213.31.43.163:8080 61.29.209.132:5577 established 4d23h50m23s
7 SA udp 127.0.0.1:1241 127.0.0.1:53 2m52s
8 SA tcp 213.31.43.163:4892 219.133.51.40:80 established 4d23h46m41s
9 SA tcp 213.31.43.163:4942 219.133.51.39:80 established 4d23h48m29s
10 SA tcp 213.31.43.163:4976 219.133.51.183:80 established 4d23h48m36s
11 tcp 213.31.43.163:8080 83.100.161.7:63451 established 4d23h58m31s
12 SA tcp 213.31.43.163:1068 219.133.51.38:80 established 4d23h48m49s
13 SA tcp 66.178.59.21:1520 213.31.43.163:8291 established 5d
14 SA tcp 213.31.43.163:1119 219.133.51.184:80 established 4d23h49m43s
15 SA tcp 213.31.43.163:1124 209.104.58.141:80 established 4d23h50m30s
16 SA tcp 213.31.43.163:1150 219.133.51.38:80 established 4d23h50m47s
17 SA tcp 213.31.43.163:1257 209.104.58.141:80 established 4d23h52m10s
18 tcp 213.31.43.163:8080 193.136.159.127:4436 established 4d23h58m30s
19 SA tcp 213.31.43.163:1284 219.133.51.38:80 established 4d23h53m6s
20 SA tcp 213.31.43.163:1290 219.133.41.81:80 established 4d23h52m39s
21 SA tcp 213.31.43.163:1327 219.133.51.39:80 established 4d23h52m49s
22 SA tcp 220.114.128.70:1807 213.31.43.163:80 established 4d23h58m19s
23 SA tcp 192.168.250.209:1039 212.73.245.93:80 established 4d23h54m49s
24 SA tcp 58.49.250.49:64611 213.31.43.163:80 time-wait 5s
25 SA tcp 58.49.250.49:64655 213.31.43.163:80 time-wait 20s
26 SA tcp 61.243.176.38:58254 213.31.43.163:80 time-wait 21s
27 SA tcp 58.49.250.49:64702 213.31.43.163:80 time-wait 18s
28 SA tcp 213.31.43.163:1488 209.104.58.141:80 established 4d23h54m40s
29 SA tcp 61.243.176.38:58842 213.31.43.163:80 time-wait 39s
30 SA tcp 58.49.250.49:64740 213.31.43.163:80 time-wait 10s
31 SA tcp 61.243.176.38:59240 213.31.43.163:80 time-wait 11s
32 SA tcp 58.49.250.49:64790 213.31.43.163:80 time-wait 8s
33 SA tcp 61.243.176.38:60006 213.31.43.163:80 time-wait 1s
34 SA tcp 58.49.250.49:64833 213.31.43.163:80 time-wait 1m2s
35 SA tcp 61.243.176.38:60687 213.31.43.163:80 time-wait 18s
36 SA tcp 65.245.134.193:2261 213.31.43.163:80 time-wait 22s
37 SA tcp 58.49.248.148:2392 213.31.43.163:80 close-ack 7s
38 SA tcp 213.31.43.163:1570 219.133.60.174:443 time-wait 14s
39 SA tcp 213.31.43.163:1585 212.143.162.170:80 established 4d23h57m55s
40 SA tcp 61.243.176.38:61421 213.31.43.163:80 time-wait 1m17s
41 tcp 213.31.43.163:8080 206.127.2.51:59612 time-wait 16s
42 SA tcp 58.48.142.109:4509 213.31.43.163:80 established 4d23h56m15s
43 SA udp 213.31.43.163:1292 80.179.100.2:53 28s
44 SA tcp 213.31.43.163:1606 219.133.49.6:443 established 4d23h56m12s
45 SA tcp 61.243.176.38:62056 213.31.43.163:80 time-wait 1s
46 SA tcp 70.78.112.157:2266 213.31.43.163:80 time-wait 14s
47 SA udp 213.31.43.163:1293 80.179.100.2:53 21s
48 SA tcp 213.31.43.163:1631 66.218.75.184:80 time-wait 15s
49 SA tcp 58.49.249.109:3917 213.31.43.163:80 established 4d23h56m44s
50 SA tcp 213.31.43.163:1633 219.133.49.174:443 established 4d23h56m45s
51 SA tcp 206.127.2.41:35852 213.31.43.163:80 time-wait 29s
52 SA tcp 67.15.6.71:4377 213.31.43.163:80 time-wait 46s
53 SA udp 213.31.43.163:1294 80.179.100.2:53 12s
54 SA tcp 70.78.112.157:2558 213.31.43.163:80 time-wait 9s
55 SA udp 213.31.43.163:1296 80.179.100.2:53 10s
56 SA tcp 213.31.43.163:1664 66.94.229.253:80 time-wait 7s
57 SA udp 213.31.43.163:1297 80.179.100.2:53 2s
58 SA tcp 192.168.250.252:1063 70.86.152.2:80 established 4d23h59m12s
59 SA tcp 213.31.43.163:1668 70.86.152.2:80 established 4d23h59m12s
60 SA tcp 61.243.176.38:63876 213.31.43.163:80 time-wait 30s
61 SA tcp 213.240.228.11:2187 213.31.43.163:80 time-wait 42s
62 SA tcp 213.31.43.163:1672 219.133.51.183:80 time-wait 45s
63 tcp 213.31.43.163:8080 216.91.59.253:54245 time-wait 22s
64 SA tcp 206.127.2.43:43808 213.31.43.163:80 time-wait 34s
65 SA tcp 213.31.43.163:1674 209.104.58.141:80 time-wait 43s
66 SA tcp 220.114.128.70:1324 213.31.43.163:80 time-wait 34s
67 SA tcp 71.31.81.121:4016 213.31.43.163:80 time-wait 25s
68 SA tcp 213.31.43.163:1677 212.112.229.179:80 time-wait 54s
69 SA tcp 61.243.176.38:64129 213.31.43.163:80 time-wait 36s
70 SA tcp 213.31.43.163:1680 66.45.247.158:80 time-wait 51s
71 SA tcp 222.89.236.157:1506 213.31.43.163:80 time-wait 54s
72 SA tcp 213.31.43.163:1682 209.104.58.141:443 time-wait 50s
73 SA tcp 213.31.43.163:1675 82.150.141.150:80 time-wait 45s
74 SA tcp 213.31.43.163:1683 219.133.40.148:80 time-wait 56s
75 SA tcp 213.31.43.163:1676 66.33.217.37:80 time-wait 56s
76 SA tcp 213.31.43.163:1684 72.37.156.36:80 time-wait 48s
77 SA tcp 81.57.24.236:1581 213.31.43.163:80 time-wait 50s
78 SA tcp 61.153.158.196:57828 213.31.43.163:8080 time-wait 45s
79 SA tcp 222.82.156.241:3114 213.31.43.163:80 fin-wait 2s
80 SA tcp 221.226.124.109:1096 213.31.43.163:80 time-wait 51s
81 SA udp 213.31.43.163:1305 80.179.100.2:53 3s
82 SA tcp 213.31.43.163:1686 12.47.196.49:80 time-wait 46s
83 SA tcp 217.199.102.57:1501 213.31.43.163:80 time-wait 51s
84 SA tcp 213.31.43.163:1678 64.34.174.75:80 time-wait 37s
85 SA tcp 213.31.43.163:1687 216.109.127.6:80 time-wait 53s
86 SA udp 213.31.43.163:1306 80.179.100.2:53 19s
87 SA tcp 213.31.43.163:1685 63.215.202.74:80 time-wait 42s
88 SA tcp 213.31.43.163:1689 64.182.127.204:80 time-wait 52s
89 SA tcp 213.31.43.163:1690 209.104.58.141:443 time-wait 16s
90 SA tcp 213.240.228.11:1370 213.31.43.163:80 time-wait 35s
91 SA tcp 61.243.176.38:64592 213.31.43.163:80 time-wait 1m1s
92 SA tcp 213.31.43.163:1691 209.104.58.141:443 time-wait 56s
93 SA tcp 213.31.43.163:1692 219.133.41.81:80 time-wait 1m5s
94 SA tcp 213.31.43.163:1693 81.22.32.114:80 time-wait 54s
95 SA tcp 222.94.37.34:62499 213.31.43.163:80 time-wait 59s
96 SA tcp 213.31.43.163:1694 209.104.58.141:443 time-wait 41s
97 SA tcp 213.31.43.163:1695 209.104.58.141:443 time-wait 49s
98 SA tcp 213.31.43.163:1696 213.52.227.196:80 time-wait 50s
99 SA tcp 213.31.43.163:1697 12.47.196.49:80 time-wait 1m1s
100 SA tcp 220.114.128.70:3591 213.31.43.163:80 established 4d23h58m11s
101 SA tcp 220.114.128.70:3725 213.31.43.163:80 close-ack 54s
102 SA tcp 221.2.230.54:60096 213.31.43.163:80 time-wait 32s
103 SA tcp 213.240.228.11:2872 213.31.43.163:80 time-wait 16s
104 SA tcp 213.31.43.163:1698 85.25.17.43:80 time-wait 51s
105 SA tcp 220.114.128.70:3840 213.31.43.163:80 time-wait 50s
106 SA tcp 61.243.176.38:64997 213.31.43.163:80 established 4d23h57m2s
107 SA udp 213.31.43.163:1307 80.179.100.2:53 29s
108 SA tcp 216.91.59.237:53854 213.31.43.163:80 time-wait 19s
109 SA tcp 213.31.43.163:1699 68.178.168.20:80 time-wait 44s
110 SA tcp 213.31.43.163:1701 219.133.51.38:80 established 4d23h57m4s
111 SA tcp 213.31.43.163:1700 216.52.167.81:80 time-wait 45s
112 SA tcp 222.82.156.241:1089 213.31.43.163:80 time-wait 52s
113 SA tcp 213.31.43.163:1702 209.104.58.141:80 time-wait 1m34s
114 SA tcp 70.87.56.42:59983 213.31.43.163:80 time-wait 1m51s
115 SA tcp 213.31.43.163:1703 61.135.133.108:80 time-wait 1m43s
116 SA tcp 222.82.156.241:1097 213.31.43.163:80 time-wait 1m49s
117 SA tcp 66.36.231.243:3117 213.31.43.163:80 time-wait 1m48s
118 SA tcp 213.31.43.163:1704 70.84.210.42:80 time-wait 1m52s
119 SA tcp 213.31.43.163:1705 203.84.221.233:80 time-wait 1m50s
120 SA tcp 206.127.2.51:37877 213.31.43.163:80 time-wait 1m29s
121 SA tcp 213.31.43.163:1706 66.135.210.57:80 time-wait 1m42s
122 SA tcp 213.31.43.163:1707 209.104.58.141:443 time-wait 1m36s
123 SA tcp 213.31.43.163:1708 64.12.161.185:443 time-wait 1m48s
124 SA tcp 213.31.43.163:1709 61.135.132.76:90 time-wait 1m49s
125 SA tcp 213.31.43.163:1710 216.154.234.72:80 time-wait 1m46s
126 SA tcp 217.199.102.57:2234 213.31.43.163:80 time-wait 1m44s
127 SA tcp 213.31.43.163:1711 64.12.161.185:443 time-wait 1m46s
128 SA tcp 222.89.236.157:1836 213.31.43.163:80 time-wait 1m31s
129 S tcp 219.130.103.94:4658 213.31.43.163:8080 syn-recv 1m15s
130 SA tcp 66.185.126.50:3476 213.31.43.163:80 time-wait 1m35s
131 SA tcp 213.31.43.163:1713 213.52.227.196:80 time-wait 1m34s
132 SA tcp 213.31.43.163:1714 204.16.32.83:80 time-wait 1m45s
133 SA tcp 61.243.176.38:57216 213.31.43.163:80 time-wait 24s
134 SA tcp 213.31.43.163:1715 219.133.51.39:80 time-wait 1m31s
135 SA tcp 222.89.236.157:2239 213.31.43.163:80 time-wait 1m29s
136 SA tcp 213.31.43.163:1717 209.59.131.211:80 time-wait 1m42s
137 SA tcp 220.114.128.70:1607 213.31.43.163:80 time-wait 1m35s
138 SA tcp 218.201.83.91:4380 213.31.43.163:80 time-wait 1m39s
139 SA tcp 218.201.83.91:4381 213.31.43.163:80 time-wait 1m40s
140 SA tcp 213.31.43.163:1718 208.184.157.50:80 time-wait 1m40s
141 SA tcp 213.31.43.163:1719 208.184.157.50:80 time-wait 1m40s
142 tcp 213.31.43.163:8080 216.91.59.238:54512 time-wait 48s
143 SA tcp 61.129.74.114:4262 213.31.43.163:80 time-wait 1m36s
144 SA tcp 213.31.43.163:1721 212.143.162.170:80 established 4d23h56m23s
145 SA tcp 213.31.43.163:1723 210.192.125.55:80 time-wait 1m38s

no such item (4)
[admin@proxynet_core] ip firewall connection> /ip web-proxy
[admin@proxynet_core] ip web-proxy> mon
status: running
uptime: 1h12m45s
clients: 132
requests: 4646
hits: 164
cache-size: 56828KiB
ram-storage-size: 544KiB
received-from-servers: 30753KiB
sent-to-clients: 29245KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h12m46s
clients: 132
requests: 4646
hits: 164
cache-size: 56828KiB
ram-storage-size: 556KiB
received-from-servers: 30761KiB
sent-to-clients: 29257KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h12m47s
clients: 132
requests: 4646
hits: 164
cache-size: 56828KiB
ram-storage-size: 548KiB
received-from-servers: 30767KiB
sent-to-clients: 29263KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h12m48s
clients: 132
requests: 4647
hits: 164
cache-size: 56828KiB
ram-storage-size: 540KiB
received-from-servers: 30781KiB
sent-to-clients: 29283KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h12m49s
clients: 132
requests: 4648
hits: 164
cache-size: 56828KiB
ram-storage-size: 556KiB
received-from-servers: 30796KiB
sent-to-clients: 29298KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h12m50s
clients: 132
requests: 4648
hits: 164
cache-size: 56828KiB
ram-storage-size: 564KiB
received-from-servers: 30810KiB
sent-to-clients: 29311KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h12m51s
clients: 133
requests: 4649
hits: 164
cache-size: 56828KiB
ram-storage-size: 552KiB
received-from-servers: 30818KiB
sent-to-clients: 29320KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h12m52s
clients: 133
requests: 4651
hits: 164
cache-size: 56828KiB
ram-storage-size: 544KiB
received-from-servers: 30822KiB
sent-to-clients: 29321KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h12m53s
clients: 133
requests: 4652
hits: 164
cache-size: 56828KiB
ram-storage-size: 548KiB
received-from-servers: 30832KiB
sent-to-clients: 29331KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h12m54s
clients: 133
requests: 4652
hits: 164
cache-size: 56828KiB
ram-storage-size: 556KiB
received-from-servers: 30851KiB
sent-to-clients: 29348KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h12m55s
clients: 133
requests: 4653
hits: 164
cache-size: 56828KiB
ram-storage-size: 548KiB
received-from-servers: 30864KiB
sent-to-clients: 29362KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h12m56s
clients: 133
requests: 4654
hits: 164
cache-size: 56828KiB
ram-storage-size: 552KiB
received-from-servers: 30869KiB
sent-to-clients: 29369KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h12m57s
clients: 133
requests: 4656
hits: 164
cache-size: 56828KiB
ram-storage-size: 544KiB
received-from-servers: 30874KiB
sent-to-clients: 29372KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h12m58s
clients: 133
requests: 4656
hits: 164
cache-size: 56828KiB
ram-storage-size: 544KiB
received-from-servers: 30874KiB
sent-to-clients: 29372KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h12m59s
clients: 133
requests: 4657
hits: 164
cache-size: 56828KiB
ram-storage-size: 544KiB
received-from-servers: 30878KiB
sent-to-clients: 29376KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m
clients: 133
requests: 4658
hits: 164
cache-size: 56828KiB
ram-storage-size: 536KiB
received-from-servers: 30880KiB
sent-to-clients: 29378KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m1s
clients: 133
requests: 4658
hits: 164
cache-size: 56828KiB
ram-storage-size: 552KiB
received-from-servers: 30897KiB
sent-to-clients: 29395KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m2s
clients: 133
requests: 4659
hits: 164
cache-size: 56828KiB
ram-storage-size: 548KiB
received-from-servers: 30911KiB
sent-to-clients: 29405KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m3s
clients: 133
requests: 4659
hits: 164
cache-size: 56828KiB
ram-storage-size: 544KiB
received-from-servers: 30926KiB
sent-to-clients: 29414KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m4s
clients: 133
requests: 4661
hits: 164
cache-size: 56828KiB
ram-storage-size: 548KiB
received-from-servers: 30934KiB
sent-to-clients: 29421KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m5s
clients: 133
requests: 4663
hits: 164
cache-size: 56828KiB
ram-storage-size: 548KiB
received-from-servers: 30944KiB
sent-to-clients: 29432KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m6s
clients: 133
requests: 4663
hits: 164
cache-size: 56828KiB
ram-storage-size: 548KiB
received-from-servers: 30954KiB
sent-to-clients: 29447KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m7s
clients: 133
requests: 4663
hits: 164
cache-size: 56828KiB
ram-storage-size: 548KiB
received-from-servers: 30973KiB
sent-to-clients: 29465KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m8s
clients: 133
requests: 4664
hits: 164
cache-size: 56828KiB
ram-storage-size: 536KiB
received-from-servers: 30985KiB
sent-to-clients: 29478KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m9s
clients: 133
requests: 4664
hits: 164
cache-size: 56828KiB
ram-storage-size: 544KiB
received-from-servers: 30995KiB
sent-to-clients: 29488KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m10s
clients: 133
requests: 4664
hits: 164
cache-size: 56828KiB
ram-storage-size: 556KiB
received-from-servers: 31008KiB
sent-to-clients: 29501KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m11s
clients: 133
requests: 4666
hits: 164
cache-size: 56828KiB
ram-storage-size: 540KiB
received-from-servers: 31017KiB
sent-to-clients: 29507KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m12s
clients: 133
requests: 4666
hits: 164
cache-size: 56828KiB
ram-storage-size: 540KiB
received-from-servers: 31031KiB
sent-to-clients: 29521KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m13s
clients: 133
requests: 4667
hits: 164
cache-size: 56828KiB
ram-storage-size: 536KiB
received-from-servers: 31040KiB
sent-to-clients: 29530KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m14s
clients: 133
requests: 4668
hits: 164
cache-size: 56828KiB
ram-storage-size: 540KiB
received-from-servers: 31053KiB
sent-to-clients: 29543KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m15s
clients: 133
requests: 4669
hits: 164
cache-size: 56828KiB
ram-storage-size: 544KiB
received-from-servers: 31070KiB
sent-to-clients: 29561KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m16s
clients: 133
requests: 4670
hits: 164
cache-size: 56828KiB
ram-storage-size: 536KiB
received-from-servers: 31079KiB
sent-to-clients: 29569KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m17s
clients: 133
requests: 4670
hits: 164
cache-size: 56828KiB
ram-storage-size: 540KiB
received-from-servers: 31090KiB
sent-to-clients: 29580KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m18s
clients: 133
requests: 4671
hits: 164
cache-size: 56828KiB
ram-storage-size: 548KiB
received-from-servers: 31102KiB
sent-to-clients: 29590KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m19s
clients: 133
requests: 4672
hits: 164
cache-size: 56828KiB
ram-storage-size: 540KiB
received-from-servers: 31108KiB
sent-to-clients: 29594KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m20s
clients: 133
requests: 4673
hits: 164
cache-size: 56828KiB
ram-storage-size: 540KiB
received-from-servers: 31111KiB
sent-to-clients: 29598KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m21s
clients: 133
requests: 4674
hits: 164
cache-size: 56828KiB
ram-storage-size: 544KiB
received-from-servers: 31121KiB
sent-to-clients: 29603KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m22s
clients: 133
requests: 4675
hits: 164
cache-size: 56828KiB
ram-storage-size: 556KiB
received-from-servers: 31131KiB
sent-to-clients: 29609KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m23s
clients: 133
requests: 4675
hits: 164
cache-size: 56828KiB
ram-storage-size: 560KiB
received-from-servers: 31146KiB
sent-to-clients: 29619KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m25s
clients: 133
requests: 4676
hits: 164
cache-size: 56828KiB
ram-storage-size: 556KiB
received-from-servers: 31161KiB
sent-to-clients: 29629KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m26s
clients: 133
requests: 4678
hits: 164
cache-size: 56828KiB
ram-storage-size: 568KiB
received-from-servers: 31174KiB
sent-to-clients: 29642KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m27s
clients: 133
requests: 4683
hits: 164
cache-size: 56828KiB
ram-storage-size: 560KiB
received-from-servers: 31185KiB
sent-to-clients: 29653KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m28s
clients: 133
requests: 4683
hits: 164
cache-size: 56828KiB
ram-storage-size: 560KiB
received-from-servers: 31193KiB
sent-to-clients: 29666KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m29s
clients: 133
requests: 4684
hits: 164
cache-size: 56828KiB
ram-storage-size: 560KiB
received-from-servers: 31200KiB
sent-to-clients: 29673KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m30s
clients: 133
requests: 4685
hits: 164
cache-size: 56828KiB
ram-storage-size: 556KiB
received-from-servers: 31206KiB
sent-to-clients: 29679KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m31s
clients: 133
requests: 4686
hits: 164
cache-size: 56828KiB
ram-storage-size: 560KiB
received-from-servers: 31219KiB
sent-to-clients: 29692KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m32s
clients: 133
requests: 4688
hits: 164
cache-size: 56828KiB
ram-storage-size: 560KiB
received-from-servers: 31235KiB
sent-to-clients: 29703KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m33s
clients: 133
requests: 4688
hits: 164
cache-size: 56828KiB
ram-storage-size: 568KiB
received-from-servers: 31247KiB
sent-to-clients: 29716KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m34s
clients: 133
requests: 4689
hits: 164
cache-size: 56828KiB
ram-storage-size: 572KiB
received-from-servers: 31253KiB
sent-to-clients: 29722KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m35s
clients: 134
requests: 4690
hits: 164
cache-size: 56828KiB
ram-storage-size: 572KiB
received-from-servers: 31254KiB
sent-to-clients: 29723KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m36s
clients: 134
requests: 4693
hits: 164
cache-size: 56828KiB
ram-storage-size: 556KiB
received-from-servers: 31260KiB
sent-to-clients: 29729KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m37s
clients: 134
requests: 4693
hits: 164
cache-size: 56828KiB
ram-storage-size: 564KiB
received-from-servers: 31267KiB
sent-to-clients: 29735KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m38s
clients: 134
requests: 4694
hits: 164
cache-size: 56828KiB
ram-storage-size: 564KiB
received-from-servers: 31270KiB
sent-to-clients: 29738KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m39s
clients: 134
requests: 4694
hits: 164
cache-size: 56828KiB
ram-storage-size: 568KiB
received-from-servers: 31286KiB
sent-to-clients: 29755KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m40s
clients: 134
requests: 4694
hits: 164
cache-size: 56828KiB
ram-storage-size: 572KiB
received-from-servers: 31300KiB
sent-to-clients: 29765KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m41s
clients: 134
requests: 4696
hits: 164
cache-size: 56828KiB
ram-storage-size: 564KiB
received-from-servers: 31312KiB
sent-to-clients: 29775KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m42s
clients: 134
requests: 4698
hits: 164
cache-size: 56828KiB
ram-storage-size: 560KiB
received-from-servers: 31321KiB
sent-to-clients: 29785KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m43s
clients: 134
requests: 4700
hits: 164
cache-size: 56828KiB
ram-storage-size: 548KiB
received-from-servers: 31332KiB
sent-to-clients: 29797KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m44s
clients: 134
requests: 4701
hits: 164
cache-size: 56828KiB
ram-storage-size: 544KiB
received-from-servers: 31345KiB
sent-to-clients: 29814KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m45s
clients: 134
requests: 4703
hits: 164
cache-size: 56828KiB
ram-storage-size: 556KiB
received-from-servers: 31357KiB
sent-to-clients: 29825KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m46s
clients: 134
requests: 4704
hits: 164
cache-size: 56828KiB
ram-storage-size: 564KiB
received-from-servers: 31374KiB
sent-to-clients: 29841KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m47s
clients: 134
requests: 4704
hits: 164
cache-size: 56828KiB
ram-storage-size: 564KiB
received-from-servers: 31382KiB
sent-to-clients: 29850KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m48s
clients: 134
requests: 4706
hits: 164
cache-size: 56828KiB
ram-storage-size: 556KiB
received-from-servers: 31383KiB
sent-to-clients: 29850KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m49s
clients: 134
requests: 4706
hits: 164
cache-size: 56828KiB
ram-storage-size: 556KiB
received-from-servers: 31383KiB
sent-to-clients: 29850KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m50s
clients: 134
requests: 4708
hits: 164
cache-size: 56828KiB
ram-storage-size: 552KiB
received-from-servers: 31395KiB
sent-to-clients: 29859KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m51s
clients: 134
requests: 4709
hits: 164
cache-size: 56828KiB
ram-storage-size: 544KiB
received-from-servers: 31400KiB
sent-to-clients: 29859KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m52s
clients: 134
requests: 4712
hits: 164
cache-size: 56828KiB
ram-storage-size: 536KiB
received-from-servers: 31406KiB
sent-to-clients: 29869KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m53s
clients: 134
requests: 4715
hits: 164
cache-size: 56828KiB
ram-storage-size: 532KiB
received-from-servers: 31415KiB
sent-to-clients: 29878KiB
hits-sent-to-clients: 679KiB

status: running
uptime: 1h13m54s
clients: 134
requests: 4716
hits: 164
cache-size: 56828KiB
ram-storage-size: 536KiB
received-from-servers: 31420KiB
sent-to-clients: 29885KiB
hits-sent-to-clients: 679KiB

[admin@proxynet_core] ip web-proxy>



i am seriously confused and i dont know what to do
Top
 
User avatar
BulleriNET
Frequent Visitor
Frequent Visitor
Posts: 99
Joined: Sat Feb 11, 2006 9:30 pm
Location: prescott az 86301

ok call me idiot

Fri Mar 31, 2006 11:03 pm

this lookd like a tcp 3 way hand shake dos attack theise are open connections but are the doing anything or just setting there if are just setting there some one or somethin started a comunication and got though the first and second step and then just left the conecction open. I would start by rebooting the system and see if it comes back. if it doesent problem solved. if it does not disconnect interfaces and see which place it is coming from and trace it backwards.this does sound a lot like the lynksys router issue but it was dealing more with dns
Top
 
User avatar
andrewluck
Forum Veteran
Forum Veteran
Posts: 700
Joined: Fri May 28, 2004 9:05 pm
Location: Norfolk, UK

Sat Apr 01, 2006 5:01 pm

Are you blocking connections to the web proxy from the Internet. Possibly you're running an open proxy.

Regards

Andrew
Top
 
User avatar
bholler
Trainer
Trainer
Topic Author
Posts: 95
Joined: Wed Feb 09, 2005 10:22 pm
Location: Nigeria
Contact:
Contact bholler

Sat Apr 01, 2006 7:26 pm

hello andrew
Are you blocking connections to the web proxy from the Internet. Possibly you're running an open proxy



what am i to do to not to make my web-proxy not ot be open. please i need your assistance
Top
 
User avatar
sergejs
MikroTik Support
MikroTik Support
Posts: 6695
Joined: Thu Mar 31, 2005 3:33 pm
Location: Riga, Latvia
Contact:
Contact sergejs

Sat Apr 01, 2006 8:23 pm

bholler,
actually there are two ways, how you can defend proxy from being used by untrusted users.

1) set up proxy access-list (ip web-proxy), where you have to allow trusted users IP addresses, and deny any others.

2) set up firewall, allow conections to the router (proxy) only for trusted users, rules have to be applied in chain=input.
Top
 
User avatar
bholler
Trainer
Trainer
Topic Author
Posts: 95
Joined: Wed Feb 09, 2005 10:22 pm
Location: Nigeria
Contact:
Contact bholler

Sun Apr 02, 2006 7:36 pm

hello sergejs,

it worked, thanks so much. this has been a command i dont take into consideration before.
Top
Post Reply

Who is online

Users browsing this forum: Bing [Bot], GoogleOther [Bot], Majestic-12 [Bot], mbezuidenhout, noyo, pmcsill, tnperron and 192 guests
  4. RouterOS
  5. General