Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Denial of Service attacks 1

Status
Not open for further replies.

deankn

IS-IT--Management
Feb 22, 2003
30
US
Hi -
We are a small wireless IP with a switched network - because our network is essentially one large LAN we have a huge problem with malware/viruses/etc. attacking from within our network. We are eventually going to route each of our towers which should help but in the meantime I am looking for a solution which will ease the problem. I would like to find an inexpensive firewall appliance that would simply provide traffic filtering - no routing or vpn functions, etc - and insert them in certain branches of our network. DHCP and most of the network traffic would pass thru unaffected(essentially an inexpensive version of the Allot Netenforcer that has minimal functionality). Any ideas?
Thanks
Dean
 
Any linux box with iptables running. If you're not familiar with linux or iptables, I recommend the Smoothwall firewall package. Very easy to use, and free. I think you will need to configure an ipheper to get dhcp to pass through.

 
I believe LawnBoy is correct - you'd need an iphelper address defined for any broadcast-type packet you need to pass, such as DHCP or NetBIOS (gasp!).
 
gasp at NetBIOS?!?!?! Just uncheck the File and Printer Sharing box...lol
How about BOOTP?!?!?!*GASP!*
 
If you are an ISP providing wireless broadband to the public I would suggest you also need to configure your access points to deny peering and force clients to go through the gateway to communicate with each other.

If you let your clients see each other bad things happen.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top