[ previous ] [ next ] [ threads ]
 From:  "Jason Collins" <jason at mammothcomputers dot com>
 To:  "Lee Sharp" <leesharp at hal dash pc dot org>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: Latest virus kills m0n0wall
 Date:  Sat, 11 Aug 2007 23:11:22 -0500
What about removing the allow all outbound rule and permitting only
http, https, etc....  I try to do that for most of my corporate clients
when they will let me for just such a circumstance.  Management might
not want to keep things that way, but it might do for the week or two of
high activity.  

-----Original Message-----
From: Lee Sharp [mailto:leesharp at hal dash pc dot org] 
Sent: Friday, August 10, 2007 11:48 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: Latest virus kills m0n0wall

I use m0n0wall in a lot of hotels.  This means that insecure computers 
are on the network.  This latest virus spawns several hunderd states, 
fills the outbound pipe, and makes the connection slow to the point of 
unusable.  If two infected machines get on, it can lock m0n0wall 
totally.  Any thought on a quick bandage?