Hi All. Im desperate to get my network back working fine. Here is my situation.
I have a FC2 server that has two NICs. The first one is connect to my ADSL router, and the other one is connected to a network that receive IPs from that server through DHCPD service, and then the FC2 do the firewall/masquerade. All the 30 machines can browse nice until 2 or maybe more machines that has virus/worms get online. Ive seeing that W32.MsBlast is the cause of most of these link down problems, but now, it looks to be more than just w32.msblast. My queston is: IS THAT POSSIBLE TO INSTALL A SOFTWARE OR SOMETHING LIKE THAT IN THE FC2 SERVER TO PREVENT OR AT LEAST TO DETECT (by IP number) THE MACHINES THAT HAS THE VIRUS, SO IT DOENST KILL MY CONNECTION. Thanks in advance.
Wouldn't it be better to get rid of those viruses on the Windows machines? Or, since it seems you've figured out which machines have viruses, maybe block them using iptables? I believe you can do MAC Address filtering somehow with iptables, although I'm not familiar with this. But I don't see the point. Getting rid of the viruses is the better solution. Search for McAfee's Stinger on Google, or get virus removal tools from Symantec.
dex
