We just had someone with a virus and it pretty much took everyone on the access point down. It sure would have been nice to be able to put in their MAC address and block all their traffic.
John ----- Original Message ----- From: "Wayland Sothcott" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, November 27, 2003 09:54 AM Subject: Re: [smartBridges] Virus attacks > We don't have that feature in smartBridges but I have seen it in other > devices. > > ----- Original Message ----- > From: "Stuart Pierce" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Thursday, November 27, 2003 1:51 PM > Subject: RE: [smartBridges] Virus attacks > > > > I haven't checked, but can you put in a mac address to NOT allow to > authenticate ? Will the constant trying of authentication drive the ap wild > or how much would it drive it wild ? > > > > ---------- Original Message ---------------------------------- > > From: "The Wirefree Network" <[EMAIL PROTECTED]> > > Reply-To: [EMAIL PROTECTED] > > Date: Wed, 26 Nov 2003 08:22:55 -0800 > > > > >Eeekkk...to undo the ESSID you would have to either: > > >a. rollout > > >b. have the client perform a "restore to default" with the PoE (iff you > used > > >simpleDeploy) > > > > > >Once you tell the client how to do the "restore to default", they will do > it > > >every time their connection acts up. > > > > > >Just use MAC internal filtering and DON'T put that client in the list. > > > > > >I do this all the time. > > > > > >Sully > > > > > >> -----Original Message----- > > >> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > > >> 15.org] On Behalf Of [EMAIL PROTECTED] > > >> Sent: Wednesday, November 26, 2003 7:52 AM > > >> To: [EMAIL PROTECTED] > > >> Subject: RE: [smartBridges] Virus attacks > > >> > > >> In this situation, I log into their radio and type in an invalid ESSID, > > >> kicking them off the AP. They're no longer on the network. > > >> > > >> They then get a phone call from me and I explain why they've suddenly > lost > > >> connection. They get the option to pay me to come out and fix their > > >> computer or promise that as soon as I get them back online, they will > > >> download and install AV software (www.grisoft.com is *free*, so they > have > > >> no excuse). If they agree, I have them reset their radio which gets > them > > >> back online. If they keep doing it, I kick them offline and they get a > > >> tech-support charge from me to go out there and fix them (haven't done > > >> this yet, but i've got a couple people who are starting to get on my > > >> nerves. Maybe it's an education issue, maybe it's apathy --in either > > >> case, I DO NOT need that kind of crap on my network!) > > >> > > >> If I get more than 2 or 3 people doing that in a week, I send out an > email > > >> to all customers emphasizing the importance of keeping their AV > > >> definitions current, and Windows Update is their friend. > > >> > > >> TIM > > >> > > >> +++++++++++++++++++++++++++++++++++ > > >> > > >> Hi, > > >> > > >> We are running a wireless network servicing about 30 customers on 4 > > >> Airpoint AP's. Currently a subscriber gateway is being used to > > >> authenticate users. We have had an ongoing problem with users getting > > >> viruses and then bringing the network to a crawl and/or completely down > as > > >> the virus scans and/or spams to spread itself. Removing the customer > from > > >> the subscriber gateway stops any access to the Internet at large, but > > >> because they are still connected to the AP's, the AP itself and our > > >> internal equipment are still getting hammered. Currently we are not > using > > >> the internal MAC filtering feature on the airpoints. Has anyone know > if > > >> this (or any other actions) will allow us to completely shut off an > > >> infected user? Any input you have would be appreciated. > > >> > > >> Thanks, > > >> Andrew Goble > > >> > > >> Tim Foster > > >> www.AledoBroadBand.com > > >> Aledo's only high-speed ISP > > >> > > >> The PART-15.ORG smartBridges Discussion List > > >> To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe > > >> smartBridges <yournickname> > > >> To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe > > >> smartBridges) > > >> Archives: http://archives.part-15.org > > > > > >The PART-15.ORG smartBridges Discussion List > > >To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe > smartBridges <yournickname> > > >To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe > smartBridges) > > >Archives: http://archives.part-15.org > > >--- > > >[This E-mail scanned for viruses by Declude Virus By Avolve.net] > > > > > > > > --- > > [This E-mail scanned for viruses by Declude Virus By Avolve.net] > > > > The PART-15.ORG smartBridges Discussion List > > To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe > smartBridges <yournickname> > > To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe > smartBridges) > > Archives: http://archives.part-15.org > > > > > The PART-15.ORG smartBridges Discussion List > To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe smartBridges <yournickname> > To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe smartBridges) > Archives: http://archives.part-15.org > The PART-15.ORG smartBridges Discussion List To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe smartBridges <yournickname> To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe smartBridges) Archives: http://archives.part-15.org
