virus/worms killing a network...
Dexter Ang
thepoch at mydestiny.net
Sat Jul 31 18:30:44 UTC 2004
Cristiano Soares wrote:
> Hi All. Im desperate to get my network back working fine. Here is my
> situation.
>
> I have a FC2 server that has two NICs. The first one is connect to my
> ADSL router, and the other one is connected to a network that receive
> IPs from that server through DHCPD service, and then the FC2 do the
> firewall/masquerade. All the 30 machines can browse nice until 2 or
> maybe more machines that has virus/worms get online. Ive seeing that
> W32.MsBlast is the cause of most of these link down problems, but now,
> it looks to be more than just w32.msblast. My queston is: IS THAT
> POSSIBLE TO INSTALL A SOFTWARE OR SOMETHING LIKE THAT IN THE FC2 SERVER
> TO PREVENT OR AT LEAST TO DETECT (by IP number) THE MACHINES THAT HAS
> THE VIRUS, SO IT DOENST KILL MY CONNECTION. Thanks in advance.
>
Wouldn't it be better to get rid of those viruses on the Windows
machines? Or, since it seems you've figured out which machines have
viruses, maybe block them using iptables? I believe you can do MAC
Address filtering somehow with iptables, although I'm not familiar with
this. But I don't see the point. Getting rid of the viruses is the
better solution. Search for McAfee's Stinger on Google, or get virus
removal tools from Symantec.
dex
More information about the fedora-list
mailing list