Re: [m0n0wall] Latest virus kills m0n0wall

From:	Raylund Lai <raylund dot lai at kankanwoo dot com>
To:	"m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] Latest virus kills m0n0wall
Date:	Sun, 12 Aug 2007 21:38:32 -0400

May try untangle (http://www.untangle.com/) as bridge mode between 
m0n0wall and your main switch.  You can monitor or block certain defined 
traffic.

Cheers
Raylund

Charles Goldsmith wrote:
> Lee, while M0n0 is a great firewall, it is not a full featured one with IPS
> abilities.  You are looking for an automated way to rate-limit or block
> infected machines and there isn't one that I've seen with M0n0.
> Unfortunately, you will just have to manually block these users.  A snort
> IDS on another box with pigsentry running
> http://solv.com/tools/pigsentry/can alert you to problems before the
> users complain might be an opensource
> work around.
>
> Good luck!
> Charles
>
> On 8/12/07, Lee Sharp <leesharp at hal dash pc dot org> wrote:
>   
>> Replying to myself again...  Updates to all, and this seems the best way
>> to thread it.
>>
>> Scope...  I have about 40 hotels.  They generally have from 10-30 users
>>
>>     
>
>