On Sun, 2004-08-01 at 02:30 +0800, Dexter Ang wrote:
Cristiano Soares wrote:
> Hi All. Im desperate to get my network back working fine. Here is my
> situation.
>
> I have a FC2 server that has two NICs. The first one is connect to my
> ADSL router, and the other one is connected to a network that receive
> IPs from that server through DHCPD service, and then the FC2 do the
> firewall/masquerade. All the 30 machines can browse nice until 2 or
> maybe more machines that has virus/worms get online. Ive seeing that
> W32.MsBlast is the cause of most of these link down problems, but now,
> it looks to be more than just w32.msblast. My queston is: IS THAT
> POSSIBLE TO INSTALL A SOFTWARE OR SOMETHING LIKE THAT IN THE FC2 SERVER
> TO PREVENT OR AT LEAST TO DETECT (by IP number) THE MACHINES THAT HAS
> THE VIRUS, SO IT DOENST KILL MY CONNECTION. Thanks in advance.
>
Wouldn't it be better to get rid of those viruses on the Windows
machines? Or, since it seems you've figured out which machines have
Or just get rid of the Windows machines? :-P
/me runs
viruses, maybe block them using iptables? I believe you can do MAC
Address filtering somehow with iptables, although I'm not familiar with
this. But I don't see the point. Getting rid of the viruses is the
better solution. Search for McAfee's Stinger on Google, or get virus
removal tools from Symantec.
dex