Lee, while M0n0 is a great firewall, it is not a full featured one with IPS
abilities. You are looking for an automated way to rate-limit or block
infected machines and there isn't one that I've seen with M0n0.
Unfortunately, you will just have to manually block these users. A snort
IDS on another box with pigsentry running
http://solv.com/tools/pigsentry/can alert you to problems before the
users complain might be an opensource
On 8/12/07, Lee Sharp <leesharp at hal dash pc dot org> wrote:
> Replying to myself again... Updates to all, and this seems the best way
> to thread it.
> Scope... I have about 40 hotels. They generally have from 10-30 users