Want to do a "User/IP address Bandwidth Test", possible..?
 

i want to do a check and see how much bandwidth is being eaten up by different users, or even just by IP addresses... i don't really want to change my entire security setup altogether, is there any option i can implement temporarily that will log how much bandwidth is being used like this?

i want to hunt down rogue accounts, and accounts that are being accessed by multiple parties via proxies...

alternately, any good proxy-blocking solutions out there? thx all..!

http://twash.com/iku/grinworker.gif

gentle bump for the evening crowd..?

You know cPanel? Check the source.
Proxy blocking solutions eat up alot of system resources.

mmm, i have never used cPanel but will check it out right now... i do realize that proxy-blocking scripts eat massive amounts of system cycles up, thats whhy i just want to do some short testing, to ferret out uesr accounts that are being abused via proxy sharing...

any suggestions most welcome, thx friends..! http://twash.com/iku/leperkiss.gif

Any decent stats program such as Webalizer will show you that info.
Some stats programs, including webalizer, have a lot of different reports
that can be turned on and off in the config so it's fairly likely that your
current reporting program can do that for you and all you need to do
is turn on those reports in the config.

When you do, it pretty likely that you'll be amzed at how big of a problem
it really is and you'll change your mind about shelling out $100 for
some real security.

Typical proxy blockers aren't that great, as you seemed to indicate.
The load they put on your system is a problem, they don't block
most of the types of proxies that are actually used by the people you
want to stop, but they do block proxies that migt occasionally be used
by a legit member. The solution there is two fold. First, you get a security
solution designed by someone who was actually paying attention
in security 101 and properly distinguishes between authentication
and authorization. You authenticate (and check for proxies) once,
when they login, so that solves your load problem. I completely amazes
me that amost all ofthe "security" approaches marketed for web sites
screw up this very basic principle. That's not advanced computer science, it's literally
taught within the first few weeks (or chapters) of any security course or book.
Also you don't use some silly proxy list or header check as the one and
only criteria, blocking or allowing based on whether or not they SAY that they
are a proxy. Rather what you want to do is use all methods at your disposal
to find out not only IF it's a proxy, but what kind of proxy it is, then
use that information IN COMBINATION with other information about this
login attempt and previous attempts to make a decsion based on
ALL of the available data combined. Again, it amazes me that while these
two idea are so simple and so basic most systems get it wrong on one
or both counts. This lack of any reasonably designed system is why we
were forced to develop Strongbox a few years ago, to provide a security
solution that at least gets the key elements correct.