Blocking Viruses With Pfsense For A WISP
-
Hey Guys,
I Run A Network for a WISP
And we are having a BIG Problem with Customers getting Viruses
And overloading our Pps
What Are the Best Ways to Block Viruses with Pfsense?
We Have 3 WANs, 1 LAN and 11 VLANs Running Pfsense 1.2.3 RC3, about to upgrade to Pfsense 2.0
I have been looking into HAVP … how much Lag will this Add to a customer on the LAN?
And would it be Possible to Run HAVP on A different PFsense Box so I don't slow Down the Main Router?
Where is the Best Place to Find all the Ports I should be Blocking to Block Known Viruses?
Is there a way to Limit Connections Per IP to like say 100 each way so if that IP is infected
it will shut the service off?
Thanks
-
You don't want to virus scan any traffic to and from clients as an ISP; that requires proxying traffic, which will potentially cause all kinds of issues and should never be done by an ISP. Limiting states per-host with advanced options on firewall rules is the best option. Blocking TCP/UDP 135-139 and 445 will knock out the typical Windows worms, and blocking SMTP out from residential customers is generally a good practice.
-
How do you Do Limiting states per-host? I Can't Seem to Get it to Work in pfsense 1.2.3
is this something that Works better in pfsense 2.0 or am I doing something wrong?
Thanks
-
Also is it possible to Block Download by File Name
Like…
Block Source File Name Cpnprt2.cid Dest LAN subnet ???
That Would be amazing
-
Also is it possible to Block Download by File Name
Like…
Block Source File Name Cpnprt2.cid Dest LAN subnet ???

Only if you proxy all HTTP traffic, which isn't something you want to do as an ISP.

How do you Do Limiting states per-host?

Works fine, see the advanced options on each rule. Detailed in http://pfsense.org/book
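-
An added illustration, not part of the original thread and not pfSense code: before setting a per-host state limit, it helps to see how many states each customer host actually holds and which of them touch the ports named above. The script below counts states per initiating host from lines in the style of `pfctl -ss` output. The customer range 10.10.0.0/16, the interface name em1 and all sample lines are constructed assumptions, and only untranslated IPv4 TCP/UDP states are parsed.

```python
import ipaddress
import re
from collections import Counter

CUSTOMER_NET = ipaddress.ip_network("10.10.0.0/16")  # assumption: customer address range
WORM_PORTS = set(range(135, 140)) | {445}            # TCP/UDP 135-139 and 445, from the reply
SMTP_PORT = 25                                       # outbound SMTP, from the reply
STATE_LIMIT = 100                                    # per-host figure floated in the question

# One untranslated state per line: "<if> <proto> <addr:port> <arrow> <addr:port> <state>".
STATE_RE = re.compile(
    r"^\S+\s+(tcp|udp)\s+(\d+(?:\.\d+){3}):(\d+)\s+(->|<-)\s+"
    r"(\d+(?:\.\d+){3}):(\d+)\s+[A-Z_0-9]+:[A-Z_0-9]+$"
)

def parse_state(line):
    """Return (proto, initiator_ip, dest_port), or None for lines not handled (NAT, ICMP, IPv6)."""
    m = STATE_RE.match(line.strip())
    if not m:
        return None
    proto, a_ip, a_port, arrow, b_ip, b_port = m.groups()
    # The arrow points from the initiator towards the destination.
    return (proto, a_ip, int(b_port)) if arrow == "->" else (proto, b_ip, int(a_port))

def audit(lines, limit=STATE_LIMIT):
    """Per customer host: state count, whether it exceeds the limit, worm-port and SMTP states."""
    totals, worm, smtp = Counter(), Counter(), Counter()
    for line in lines:
        parsed = parse_state(line)
        if parsed is None or ipaddress.ip_address(parsed[1]) not in CUSTOMER_NET:
            continue
        proto, src, dport = parsed
        totals[src] += 1
        worm[src] += dport in WORM_PORTS
        smtp[src] += proto == "tcp" and dport == SMTP_PORT
    return {h: {"states": n, "over_limit": n > limit,
                "worm_port_states": worm[h], "smtp_states": smtp[h]}
            for h, n in totals.items()}

def sample_states():
    """Constructed lines in the style of `pfctl -ss`; em1 is a made-up interface name."""
    lines = [f"em1 tcp 198.51.100.{i % 250 + 1}:445 <- 10.10.1.20:{40000 + i}  SYN_SENT:CLOSED"
             for i in range(150)]                    # one host sweeping port 445
    lines += [f"em1 tcp 203.0.113.{i + 1}:25 <- 10.10.2.7:{50000 + i}  ESTABLISHED:ESTABLISHED"
              for i in range(12)]                    # one host sending mail directly
    lines += ["em1 tcp 192.0.2.80:443 <- 10.10.3.3:51515  ESTABLISHED:ESTABLISHED",
              "em1 udp 192.0.2.53:53 <- 10.10.3.3:53001  SINGLE:MULTIPLE",
              "em1 tcp 192.0.2.9:51000 -> 10.10.3.3:3389  SYN_SENT:CLOSED"]  # not customer-initiated
    return lines
```

Calling `audit(sample_states())` returns one entry per customer host; hosts with `over_limit` set are the ones a per-host limit of 100 would have cut off.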