[ previous ] [ next ] [ threads ]
 
 From:  "Charles Goldsmith" <wokka at justfamily dot org>
 To:  "Lee Sharp" <leesharp at hal dash pc dot org>
 Cc:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Latest virus kills m0n0wall
 Date:  Sun, 12 Aug 2007 13:19:01 -0500
Lee, while M0n0 is a great firewall, it is not a full featured one with IPS
abilities.  You are looking for an automated way to rate-limit or block
infected machines and there isn't one that I've seen with M0n0.
Unfortunately, you will just have to manually block these users.  A snort
IDS on another box with pigsentry running
http://solv.com/tools/pigsentry/can alert you to problems before the
users complain might be an opensource
work around.

Good luck!
Charles

On 8/12/07, Lee Sharp <leesharp at hal dash pc dot org> wrote:
>
> Replying to myself again...  Updates to all, and this seems the best way
> to thread it.
>
> Scope...  I have about 40 hotels.  They generally have from 10-30 users
>