In those 2 recently days I have been expering a big problem with viruses , I had a problem that viruses uses all my upload , I tried to drop all those packets but it didn't worked at all . Does any of you had expering this problem like i did with viruses .
Any idesa would be fine.
-
-
bajramzeqiri
just joined
- Posts: 2
- Joined:
:thank you very much I added those scripts on my routers but nothing works , first of all i need to explain again my problem .
The viruses that my end users are infected is that most of them use all my upload to pass through of my BaseRotuer , is there any idea that I can stop this upload to go out of my BaseRouter , Upload that those infected end users use is 10/100 MBp/s same as the LAN CARD is.
Any ideas would be fine.
What do you prefer me?
Best Regards,
The viruses that my end users are infected is that most of them use all my upload to pass through of my BaseRotuer , is there any idea that I can stop this upload to go out of my BaseRouter , Upload that those infected end users use is 10/100 MBp/s same as the LAN CARD is.
Any ideas would be fine.
What do you prefer me?
Best Regards,
-
-
andrewluck
Forum Veteran
- Posts: 700
- Joined:
- Location: Norfolk, UK
First of all, Anti-Virus software on your users computers. Even if you block this attack, when the next one arrives you'll be back where you started. If they don't comply then block all traffic from their IP until they do. This is where a well written set of Terms and Conditions can be of benefit.
Otherwise, you need to identify the traffic on your router. This will typically be it's destination port. Once you know what the traffic looks like you can block it.
Regards
Andrew
Otherwise, you need to identify the traffic on your router. This will typically be it's destination port. Once you know what the traffic looks like you can block it.
Regards
Andrew
-
-
srikanth418
newbie
- Posts: 32
- Joined:
try this
ip firewall add name=virus
ip firewall rule input add in-interface=all action=jump \ jump-target=virus comment="!!! Check for well-known viruses !!!"
ip firewall rule forward add in-interface=all action=jump \ jump-target=virus comment="!!! Check for well-known viruses !!!"
ip firewall rule virus add dst-address=:135-139 protocol=tcp action=drop comment="Drop Blaster Worm."
ip firewall rule virus add dst-address=:135-139 protocol=udp action=drop comment="Drop Messenger Worm."
ip firewall rule virus add dst-address=:445 protocol=tcp action=drop comment="Drop Blaster Worm."
ip firewall rule virus add dst-address=:445 protocol=udp action=drop comment="Drop Blaster Worm."
this should work
ip firewall add name=virus
ip firewall rule input add in-interface=all action=jump \ jump-target=virus comment="!!! Check for well-known viruses !!!"
ip firewall rule forward add in-interface=all action=jump \ jump-target=virus comment="!!! Check for well-known viruses !!!"
ip firewall rule virus add dst-address=:135-139 protocol=tcp action=drop comment="Drop Blaster Worm."
ip firewall rule virus add dst-address=:135-139 protocol=udp action=drop comment="Drop Messenger Worm."
ip firewall rule virus add dst-address=:445 protocol=tcp action=drop comment="Drop Blaster Worm."
ip firewall rule virus add dst-address=:445 protocol=udp action=drop comment="Drop Blaster Worm."
this should work
-
-
napairnetworks
just joined
- Posts: 10
- Joined:
