Yeah, this will be a tough one. If everyone is on a switch (along with
m0n0wall), you can't really cut them off because even if m0n0wall is
ignoring them, everyone else is still listening to their computer while
it spews garbage. Short of unplugging their Ethernet connection, if an
infected machine causing network havoc; it is harder to isolate.
What kind of scope are we talking about here? A private network? A
business? A large network setup (like 100+ clients?)
Mohammed Ismail wrote:
> all connections are wired Ethernet connections
> ADSL modem <<==>> wan int. m0n0wall LAN int. <<==>> Ethernet wired clients.
> all clients OS will be winxp
> and I cannot garantee good antivirus or firewalls on those PCs
> so I want m0n0 to keep sending his MAC address to all Clients to maintain connectivity between
clients and m0n0.
> the Trojan name was HackTool.win32.ArpAttacker.3020
> thanks allot