Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    How do i block an infected PC from using our internet connection.

    General pfSense Questions
    2
    2
    617
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rdevries last edited by

      This is an open wireless connection used in a public site. We have been shutdown by Rogers due to botnet activity.
      What pack can i use to prevent this outbound activitiy?

      Thanks

      1 Reply Last reply Reply Quote 0
      • N
        Nachtfalke last edited by

        What you probably need is SNORT as IDS/IPS.

        I never used it but it is a detrusion prevention and detection system which allows you to block source or destination IP addresses to be blocked if there is any violation. Blocking can be done by time so that an IP/host will be blocked for 1h and after that can again access and of course - if there is violation again - blocks again this IP/host.

        Of packages forum there are some threads about snort and some really good threads and how-tos from user bmeeks how to use snort.

        You should have a lookt at this and reads the threads carefully to find what you need.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post