From DD-WRT Wiki

(Difference between revisions)
Jump to: navigation, search
Revision as of 22:55, 27 June 2005 (edit)
Scott (Talk | contribs)
← Previous diff
Revision as of 02:35, 26 September 2005 (edit) (undo) (Talk)

Next diff →
Line 5: Line 5:
firewall help?? firewall help??

Revision as of 02:35, 26 September 2005

help prevent virus/worm congesting the internet...?? it happened to my network. an infected pc cause the whole network inaccessible.

firewall help??

these worms stuff really slowing down lots of my network traffic. after fixing one pc, there come another ones... it's endless job when the users doesnt know how to block those worms using firewall...

so, i plan to make it on router side. which is on the linksys and wl500g.

but, i'm no linux expert also...

so, anyone please help.. how do i set up rules like these:

1. block all local connection (ie, from ip to, etc..) because it's use only for internet

2. the only local connection allow is off course, between routers (linksys,wl500g,etc..)

3a. allow only certain ports to the internet (like web, proxy, mail: 80,3128,8080,110,25,etc) and block all the rest OR

3b. block all ports that are known used by worms/virus/etc and allow all the rest

4. limit max connection allowed per ip address?

5. attack detection. if too many connection comes from an ip, that ip is block for few seconds. if the connection is on certain ports, that port blocked for few minutes.

6. send an alert about those attack. either to an email address and/or using windows' net send protocol to the 'infected' ip and admin's ip

can we apply tarpit to slow down these worms?

like this: