[ previous ] [ next ] [ threads ]
 
 From:  Lee Sharp <leesharp at hal dash pc dot org>
 Cc:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Latest virus kills m0n0wall
 Date:  Sat, 11 Aug 2007 01:48:10 -0500
Updates...

Tim Nelson wrote:
 > Increase your firewall state size...

I do not want to build an image from scratch with recompiled binaries to 
fight a threat that will fade in a week or two...  A little tough there.

Many wrote:
 > What ports?

Seems to be random source and destination ports in the 4-5 digit range. 
  So far it has been, notice it, and block the IP.  Add user to static 
DHCP in a blocked block of addresses.  Hope they call.  Do it again when 
they change WiFi cards.  Remember that this is in a hotel, and I support 
about 40 of them.  I have done 4 hotels with this problem this week, and 
2 of them twice.  It is fully manual, always a crises, and a PITA!

There is no way to limit connections with the traffic shaper is there?

			Lee

PS:  I am going to bed now after fixing another one.  It is 1:47am.