belajar ilmu komputer

langkah installasi proxy server February 23, 2011

Filed under: Uncategorized — linalovers @ 9:46 am

PROXY

Setelah connect internet,langkah untuk installasi proxy adalah :

Ø  Langkah untuk membangun proxy server             :

1.install untuk update dan squid

-# apt –get update

-# apt –get install squid

Ø  Buka file konfigurasi

-letak file di directory     : /etc/squid/squid.conf

-cara membuka dari terminal      : pico /etc/squid/squid.conf

Ø  Megedit konfigurasi

-cara pertama    : copy              paste

-cara kedua        : edit manual

 

v  Yang harus dirubah         :

http_port

cache_dir diskd /cache 10000

acl lokal src 10.10.10.0/24 (pkok satu range dg LAN)

acl blok_situs url_regex –i”/etc/squid/situs.txt”                (utk blok situs FB dan youtube)

http_acces deny blok_situs situs.txt

cache_mgr  (email qt) ex: cache_mgr irmanovia2tkj5@gmail.com)

visible_hostname (web qt) ex :visible_hostname www.belajarpuitis.wordpress.com

 

untuk blok situs/kata,ketikkan perintah                :

#pico  /etc/squid/situs.txt

 

Ø  Merestart squid

#chown proxy : proxy /cache

#chmod 777 /cache

#squid –z

#service squid restart

 

Ø  Cek di client windows

Langkah :

1.       buka mozila

2.       tool

3.       option

4.       advanced

5.       network

6.       setting

7.       pilih manual proxy configuration

–          http proxy          : 10.10.10.4

–          port       : 3128

 

INSTALL PROXY SQUID DI LINUX UBUNTU February 6, 2011

Filed under: Uncategorized — linalovers @ 10:14 am

INSTALL PROXY SQUID DI LINUX UBUNTU

1. masukan terminal ketik sudo su (enter) masukan password
2. ketik sudo apt-get install squid (enter) tunggu sampai proses install selesai (komputer harus terhubung ke internet)
3. Selanjutnya setting di config squid, sebelumnya backup dulu file asli squid.conf dgn cara ketikkan di terminal
code:

sudo cp /etc/squid/squid.conf
/etc/squid/squid.conf.original
setelah itu buka /edit file squid.conf seperti dibawah ini dgn cara ketikkan
Code:
sudo gedit /etc/squid/squid.conf
isi seperti di bawah ini:
auth_param basic program /usr/lib/squid/ncsa_auth
/etc/squid.passwd
auth_param basic children 5
auth-param basic realm NFYE Squid proxy-caching web
server
auth_param basic credentialsttl 3 hours
auth_param basic casesensitive off

acl user proxy_auth REQUIRED
acl sectionx proxy_auth REQUIRED
http_access allow users

acl all src 0.0.0.0/0.0.0.0
acl internal_network src 192.168.0.0/24
acl users proxy_auth    REQUIRED
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443563 # https,snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https,snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gas-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl sectionx proxy_auth REQUIRED
acl purge method PURGE
acl CONNECT method CONNECT

http_access allow manager localhost
http_access allow users
http_access allow internal_network
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECTISSL_ports
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all

http_port 3128 transparent
visible_hostname stbserver

hierarchy_stoplist cgi-bin ?

cache_dir ufs /usr/local/squid/cache 102416256
access_log/usr/local/squid/access.log
cache_log/usr/local/squid/cache.log
cache_store_log none

cache_mem 1024 MB
cache_swap_low 94
cache_swap_high 96
maximum_object_size 16384 KB
minimum_object_size 4 KB
maximum_object_size_in_memory 2048 KB
fqdncache_size 1024
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF

acl QUERY urlpatch_regex cgi-bin \?
cache deny QUERY
refresh_pattern ^ftp:    1440 20% 10080
refresh_pattern ^gopher: 14440 0% 1440
refresh_pattern. 0 20% 4320
acl apache rep_header Server ^ Apache
broken_vary_encoding allow apache
extension_methods REPORT MERGE MKACTIVITY
CHECKOUT
host_file /etc/hosts
coredumb_dir/var/spool/squid

cache_mgr udin_law@yahoo.co.id
cache_effective_user squid
cache_effective_groub squid

4.Membuat file log dan direktory untuk cache
membuat direktory squid
$ mkdir /usr/local/squid
Membuat direktory cache
$ mkdir /usr/local/squid/cache
Membuat file cache log yg berfungsi untuk melihat dan memonitoring aktifitas yang sedang dilakukan client
$touch /usr/local/squid/cache.log
Membuat file access log berfungsi untuk memonitoring aktifitas yang dilakukan oleh cache server
$touch /usr/local/squid/access.log
Membuat user dan group squid sebagai pemilik dari proses squid dan loginnya,ini dibuat dengan  alasan keamanan jika
sistem squid diserang cracker dan bisa di akses oleh cracker bukan root yang diambil alih
$sudo adduser squid
Memberikan attribut dan hak milik aras direktori squid beserta sub sub direktoro + file-file yang ada di dalamnya
$chown -Rf squid.squid/usr/local/squid
$sudo chown squid.squid /var/spool/squid -Rf
$ sudo chown squid.squid -Rf/etc/squid

5. Membuat struktur cache derectory
root@ubuntu:/home/stb# squid -z
2009/12/22 21:45:46| Squid is already running! Process ID 2608
root@ubuntu:/home/stb#

6.Test squid
root@ubuntu:home/stb# squid -d1 -D
2009/12/22 21:46:42| Squid is already running! Process
ID 2608
root@ubuntu:/home/stb#

7.root@ubuntu:/home/stb# tail -f
/usr/local/squid/access.log
1261532379.994 761 192.168.0.105 TCP_MISS/200
4539 GET

http://en-us.www.mozilla.com/img/tignish/template

/background-tile.png grosir DIRECT/63.245.209.10
image/png
1261532380.042 540 192.168.0.105 TCP_MISS/200
1437 GET

http://en-

us.www.mozilla.com/img/tignish/template/mozilla-logo.png
grosir DIRECT/62.245.209.10 image/png
1261532380.450 884 192.168.0.105 TCP_MISS/200 1011
GET

http://en-

us.www.mozilla.com/img/tignish/template/header-
background.png grosir DIRECT/63.245.209.10 image/png
1261532380.594 1005 192.168.0.105 TCP_MISS/200 936
GET

http://en-

us.www.mozilla.com/img/tignish/whatnews/sub-feature-
top.png grosir DIRECT/63.245.209.10 image/png
1261532380.707 1117 192.168.0.105 TCP_MISS/200 784
GET

http://en-us.www.mozilla.com/img/tignish/firsturn/link-

arrow.png grosir DIRECT/63.245.209.10 image/png
1261532381.079 1086 192.168.0.105 TCP_MISS/200 2073
GET

grosir DIRECT/63.245.209.10 image/png
1261532381.210 1167 192.168.0.105 TCP_MISS/200 568
GET

http://en-

us.www.mozilla.com/img/_utm.gif?utmwv=6.1&utmn=51
5583513utmsr=800×600&utmsc=32-bit&utmul=en-
us&utmje=0&utmjv=1.5&utmfl=-
&utmdt=Firefox%20Updated&utmhn=en-
us.www.mozilla.com&utmr=-&utmp=/en-
US/firefox/3.5.6/whatnews/grosir
DIRECT/63.245.209.10 image/gif
1261532381.310 1745 19.168.0.105
TCP_REFRESH_MISS/200 6383 GET

http://en-

-us.www.mozilla.com/img/tignish/whatnews/sub-feature-
bottom.png grosir DIRECT/63.245.209.10 image/png
1261532381.545 2000 192.168.0.105
TCP_REFRESH_MISS/200 4931 GET
http:/en-
us.www.mozilla.com/image.tignish/whatnews/3.5.background.jpg
grosir DIRECT/63.245.209.10 image/jpeg
1261532381.598 2007 192.168.0.105
TCP_REFRESH_MISS/200 4241 GET

http://en-

us.www.mozilla.com/img/tignish/template/footer-portal-
border.png grosir DIRECT/63.245.209.10 image/png

8.Memberikan hak akses(permission)tiap-tiap user sebelumnya install dulu apache 2
ketik kode:
apt-get install apache2
setelah selesai selanjutnya bikin firs user yang bisa meng akses proxy:
masih di terminal ketikkan : sudo htpasswd -c
/etc/squid.passwd user1———–user1 bisa diganti dengan apa saja
root@ubuntu:/home/stb# sudo htpasswd -c
/etc/squid.passwd user1
new password:
re-type new password:
adding password for user user1
root@ubuntu:/home/stb#
berikutnya bikin user bar, masih di terminal ketikkan: sudo htpasswd/etc/squid.passwd client1
root@ubuntu:/home/stb# sudo htpasswd
/etc/squid.passwd client1
new password:
re-type newpassword:
adding password for user client1
root@ubuntu:/home/stb#

Restart squid anda
code:
sudo /etc/init.d/squid restart
test squid anda, sebelum setting proxy di browser:
addres:ip squid port:3128

 

SETTING ROUTER BOARD

Filed under: Uncategorized — linalovers @ 10:11 am

SETTING ROUTER BOARD

Reset Mikrotik

New terminal>ketik”system reset” tanpa tanda petik>enter>y.

 

1.Memasukan no IP

IP>address> klik “+” > masukkan no IP address >apply >masukan Comment >ok >ok

2.Memasukan Gateway

Ip>routes>klik”+”>biarkan detination kosong.

3.Memasukan DNS

IP>DNS>setting>masukan No DNS>ok.

4.Melakukan NAT

IP>firewall>NAT>klik”+”>out interface : eth1(ke publik)>actoin:masquerade>ok.

 

Untuk mengganti nama (identity) : system>identity>nama yang diinginkan.

Untuk melihat no IP : Ip address pr (enter)

Untuk melihat GW : IP router pr

Untuk melihat DNS :IP DNS pr

Untuk melihat NAT : IP firewall nat pr

 

FIREWALL MIKROTIK

Filed under: Uncategorized — linalovers @ 10:08 am

p { margin-bottom: 0.21cm; }

FIREWALL MIKROTIK

 

/ ip firewall filter
add chain=forward connection-state=established action=accept comment=”allow established connections” disabled=no
add chain=forward connection-state=related action=accept comment=”allow related connections” disabled=no
add chain=virus protocol=udp dst-port=135-139 action=drop comment=”Drop Messenger Worm” disabled=no
add chain=forward connection-state=invalid action=drop comment=”drop invalid connections” disabled=no
add chain=virus protocol=tcp dst-port=135-139 action=drop comment=”Drop Blaster Worm” disabled=no
add chain=virus protocol=tcp dst-port=1433-1434 action=drop comment=”Worm” disabled=no
add chain=virus protocol=tcp dst-port=445 action=drop comment=”Drop Blaster Worm” disabled=no
add chain=virus protocol=udp dst-port=445 action=drop comment=”Drop Blaster Worm” disabled=no
add chain=virus protocol=tcp dst-port=593 action=drop comment=” ” disabled=no
add chain=virus protocol=tcp dst-port=1024-1030 action=drop comment=” ” disabled=no
add chain=virus protocol=tcp dst-port=1080 action=drop comment=”Drop MyDoom” disabled=no
add chain=virus protocol=tcp dst-port=1214 action=drop comment=” ” disabled=no
add chain=virus protocol=tcp dst-port=1363 action=drop comment=”ndm requester” disabled=no
add chain=virus protocol=tcp dst-port=1364 action=drop comment=”ndm server” disabled=no
add chain=virus protocol=tcp dst-port=1368 action=drop comment=”screen cast” disabled=no
add chain=virus protocol=tcp dst-port=1373 action=drop comment=”hromgrafx” disabled=no
add chain=virus protocol=tcp dst-port=1377 action=drop comment=”cichlid” disabled=no
add chain=virus protocol=tcp dst-port=2745 action=drop comment=”Bagle Virus” disabled=no
add chain=virus protocol=tcp dst-port=2283 action=drop comment=”Drop Dumaru.Y” disabled=no
add chain=virus protocol=tcp dst-port=2535 action=drop comment=”Drop Beagle” disabled=no
add chain=virus protocol=tcp dst-port=2745 action=drop comment=”Drop Beagle.C-K” disabled=no
add chain=virus protocol=tcp dst-port=3127 action=drop comment=”Drop MyDoom” disabled=no
add chain=virus protocol=tcp dst-port=3410 action=drop comment=”Drop Backdoor OptixPro” disabled=no
add chain=virus protocol=tcp dst-port=4444 action=drop comment=”Worm” disabled=no
add chain=virus protocol=udp dst-port=4444 action=drop comment=”Worm” disabled=no
add chain=virus protocol=tcp dst-port=5554 action=drop comment=”Drop Sasser” disabled=no
add chain=virus protocol=tcp dst-port=8866 action=drop comment=”Drop Beagle.B” disabled=no
add chain=virus protocol=tcp dst-port=9898 action=drop comment=”Drop Dabber.A-B” disabled=no
add chain=virus protocol=tcp dst-port=10000 action=drop comment=”Drop Dumaru.Y” disabled=yes
add chain=virus protocol=tcp dst-port=10080 action=drop comment=”Drop MyDoom.B” disabled=no
add chain=virus protocol=tcp dst-port=12345 action=drop comment=”Drop NetBus” disabled=no
add chain=virus protocol=tcp dst-port=17300 action=drop comment=”Drop Kuang2″ disabled=no
add chain=virus protocol=tcp dst-port=27374 action=drop comment=”Drop SubSeven” disabled=no
add chain=virus protocol=tcp dst-port=65506 action=drop comment=”Drop PhatBot, Agobot, Gaobot” disabled=no

add chain=forward action=jump jump-target=virus comment=”jump to the virus chain” disabled=no
add chain=input connection-state=established action=accept comment=”Accept established connections” disabled=no
add chain=input connection-state=related action=accept comment=”Accept related connections” disabled=no
add chain=input connection-state=invalid action=drop comment=”Drop invalid connections” disabled=no
add chain=input protocol=udp action=accept comment=”UDP” disabled=no
add chain=input protocol=icmp limit=50/5s,2 action=accept comment=”Allow limited pings” disabled=no
add chain=input protocol=icmp action=drop comment=”Drop excess pings” disabled=no
add chain=input protocol=tcp dst-port=21 src-address-list=ournetwork action=accept comment=”FTP” disabled=no
add chain=input protocol=tcp dst-port=22 src-address-list=ournetwork action=accept comment=”SSH for secure shell” disabled=no
add chain=input protocol=tcp dst-port=23 src-address-list=ournetwork action=accept comment=”Telnet” disabled=no
add chain=input protocol=tcp dst-port=80 src-address-list=ournetwork action=accept comment=”Web” disabled=no
add chain=input protocol=tcp dst-port=8291 src-address-list=ournetwork action=accept comment=”winbox” disabled=no
add chain=input protocol=tcp dst-port=1723 action=accept comment=”pptp-server” disabled=no
add chain=input src-address-list=ournetwork action=accept comment=”From Datautama network” disabled=no
add chain=input action=log log-prefix=”DROP INPUT” comment=”Log everything else” disabled=no
add chain=input action=drop comment=”Drop everything else” disabled=no

 

 

 

Hello world! January 8, 2011

Filed under: Uncategorized — linalovers @ 6:18 am

Welcome to WordPress.com. This is your first post. Edit or delete it and start blogging!