Hi all !!!
I would like to know if someone had this problem before.
I discovered that my network users used to install shareware programs that
came with
a spyware called SaveNow.
That program, SaveNow, stay resident and start sending lots of request per
second to my squid server
When two o more machines start doing this my access.log grows terribly
threatening disk space.
Besides, the ERR_SOCKET_FAILURE appears to the other users.
How can i deal with that ?
Can someone explain me, how to disable the logging of TCP_DENIED lines in
the access.log ?
this is an example of my access.log
1029247040.560 1 eco109c.mecon.ar TCP_DENIED/407 1045 GET
http://www.whenu.
com/versions.html - NONE/- -
1029247040.574 0 eco109c.mecon.ar TCP_DENIED/407 1045 GET
http://www.whenu.
com/versions.html - NONE/- -
1029247040.589 1 eco109c.mecon.ar TCP_DENIED/407 1045 GET
http://www.whenu.
com/versions.html - NONE/- -
1029247040.607 0 eco109c.mecon.ar TCP_DENIED/407 1045 GET
http://www.whenu.
com/versions.html - NONE/- -
1029247040.628 1 eco109c.mecon.ar TCP_DENIED/407 1045 GET
http://www.whenu.
com/versions.html - NONE/- -
1029247040.643 1 eco109c.mecon.ar TCP_DENIED/407 1045 GET
http://www.whenu.
com/versions.html - NONE/- -
1029247040.663 1 eco109c.mecon.ar TCP_DENIED/407 1045 GET
http://www.whenu.
com/versions.html - NONE/- -
1029247040.682 1 eco109c.mecon.ar TCP_DENIED/407 1045 GET
http://www.whenu.
com/versions.html - NONE/- -
1029247040.701 1 eco109c.mecon.ar TCP_DENIED/407 1045 GET
http://www.whenu.
com/versions.html - NONE/- -
Thanks a lot !!!!
Diego
Received on Fri Mar 19 2004 - 09:28:51 MST
This archive was generated by hypermail pre-2.1.9 : Thu Apr 01 2004 - 12:00:02 MST