is there a way to secure outging traffic?

[edwinhunt]

hello all,

we live in a building where we're providing wireless internet connection. it's pretty open so anybody within the building can connect their laptop with no problem. i just got a call from our isp saying that they will shutdown our service because someone from our network is sending out malwares. my question is, is there anything that i can do to monitor outgoing traffic or even block a system if it's generating lots of traffic? most firewalls are only concerned with incoming to make sure your lan is protected. our setup is fairly straightforward with the isp modem and then our router. i don't really want to make it complicated i just want to know if there is an easy way to do this so my isp won't shut us down. it doesn't matter to me too what laptop within the building that's causing it.

thanks,
ed

 

[reynolwi]

why dont you setup security on it so that its no longer open? Provide that information to those users that need it and if someone leaves, change the security information so that you wont have to worry about a repeat offense.

Wm. Reynolds
RRWDS | TxPSS

http://www.rrwds.com

http://www.txpubsafety.com

- - - - - - - - - - - - -
Network Error:
Hit any user to continue

 

[edwinhunt]

hello,

thanks for the response. this is not possible because it has to be open in order to provide free internet connection in the building. even if we create encryption keys, we will have to give them out so they can connect so this setup will do no good to us. tracking the culprit laptop is also a great task because it can be anybody and even if we find it, it can happen again.

thanks,
ed

 

[spi200]

Hi

You router will log entries for Web sites visted etc, have your ISP give you some more details as to the offending links and you may be able to find them in your logs. As a guess I would expect someone sending Malware would be a large user, so you may be able to create a short list of those users who are using more bandwidth than others. Wireless routers vary greatly on how much loggin they offer, so have a look at yours and see what can be done.
I have a Netgear home wireless router (about $75) and it does basic logging and shows all web pages visted by any connect device.

Good luck


Dave

 

[reynolwi]

well but thats the thing with having an open network like that, your going to have people using your connection that arent suppose to be. thats the whole point of having a security option on it so it keeps the unwanted people from gaining access to the network like that. if my isp knew i had an unsecured wireless network like that they would shut it off because its technically illegal to use or "pirate" someone elses connection like that.

Wm. Reynolds
RRWDS | TxPSS

http://www.rrwds.com

http://www.txpubsafety.com

- - - - - - - - - - - - -
Network Error:
Hit any user to continue

 

[N0ktar]

What you really need is gear from higher shelf, something like Cisco ASA, it can secure both incoming and outgoing traffic, you use access control lists to accurately specify what can and cannot be done. Most likely though you will not be able to stop spam without blocking SMTP port 25 out.
If you are providing free Internet access ONLY for browsing websites than close all ports except for port 80 and 443.
You will need some sort of controls in place otherwise some people will abuse the service and shut it down for everyone.

 

[edwinhunt]

thank you all for your help and responses.

-ed