I have a reseller on my server who has set up an about 7 accounts. All of these accounts are active. The Bandwidth is being registered as nothing. its is the 22nd and according to all accounts 0.00megs worth of bandwidth has been used. How do i stop this. I have checked the AWSTATS and the results are coming back, "No qualified records found in log (0 corrupted, 0 dropped)". Is this the result of advance DNS settings done?
I have also noticed that about 1GIG of transfer is uneracountanble, which i guess has been used by this account.
its recorded no activirty. I have just done a whois and no information of my server comes up. This Person has privite Nameservers set up and this server, But the funny thing is they are using the shared IP. This person does no have privite ips for his name servers account.
Light wave. Could you please explain what you mean
If the user has shell access and can connect to the server via SSH, they can use wget to download gigs upon gigs of data. This bandwidth will be counted for your server's total usage but it will not be tracked under your Reseller's account. Anything done this way is "free" bandwidth to the account.
Oh, I was going by the things offered according to the website in your .sig
In any case, it really doesn't matter whether it's done through SSH, crontab, or many other functions.
It'd be just as easy to upload a php or cgi application which uses gigabytes worth of your bandwidth but isn't attributed to their web usage. It's not that they are necessarily doing anything wrong. As I mentioned, it's just part of the cost you'll have to eat unless you can actually attribute processes/commands to a specific user and identify them as malicious or somehow breaking a terms of service.
The reseller does not have SSH. Accounts have to ask us to enable ssh. Any way. I looked under his dns settings. His names servers are setup with Ips that we dont have. Our range is 22.214.171.124 his is 126.96.36.199 etc. so NS1.domain.com and NS2.domain.com are set up with ips that do not belong to the server.
It looks like it is done via advance DNS but i cant figure it out?