nanog mailing list archives
Re: Quarantine your infected users spreading malware
From: Jim Segrave <jes () nl demon net>
Date: Thu, 2 Mar 2006 12:00:44 +0100
On Tue 28 Feb 2006 (19:29 +0000), Christopher L. Morrow wrote:
On Tue, 28 Feb 2006, Bill Nash wrote:The simplest method is to issue a different gateway to a registry of known offenders, forcing their into a restrictive environment that blocks all ports, and uses network translation tricks to redirect all web traffic to a portal. For cable modems and bridged DSL, you can do this with DHCP, matching their MAC address. PPPOE/DSL or similiar, you match on user name. Issue RFC1918 space with a gateway to your quarantine network. The rest is NAT/PAT and w3proxy stunts. You could pull it off with something as simple as iptables and squid, after dealing with the DHCP or authentication servers (ala Radius) to issue to the correct credentials.yes, I could dream up a few hundred ways to accomplish this, but the 'documentation' at the site referenced doesn't address even one way. So, saying 'it works' and 'it works for carriers' and 'yea us!' is not helpful, without some example of 'how' :(
You did think of contacting them and asking? You know, e-mail, fax, telephone, that sort of thing? The first time I mentioned this company, I said that it is used to put infected customers into a virtual router where all their internet traffic is proxied via a server. which blocks unwanted addresses, answers web requests not to designated servers from an internal service - so going to google.com brings up the page explaining why your account is quarantined. The specifics of connecting it to your network, oddly enough, probably will depend on how your network is built, which is why you might need to contact them. I thought this was a network operator's mailing list, not a spoon-feeding session -- Jim Segrave jes () nl demon net
Current thread:
- Re: Quarantine your infected users spreading malware, (continued)
- Re: Quarantine your infected users spreading malware Jack Bates (Mar 01)
- Re: Quarantine your infected users spreading malware David Nolan (Mar 01)
- Re: Quarantine your infected users spreading malware Bill Nash (Mar 01)
- Re: Quarantine your infected users spreading malware David Nolan (Mar 01)
- Re: Quarantine your infected users spreading malware JP Velders (Mar 01)
- Re: Quarantine your infected users spreading malware Christopher L. Morrow (Mar 01)
- Re: Quarantine your infected users spreading malware Jack Bates (Mar 01)
- Re: Quarantine your infected users spreading malware David Nolan (Mar 01)
- Re: Quarantine your infected users spreading malware Christopher L. Morrow (Mar 02)
- Re: Quarantine your infected users spreading malware Jim Segrave (Mar 02)
- Re: Quarantine your infected users spreading malware Jim Segrave (Mar 02)
- Re: Quarantine your infected users spreading malware Christopher L. Morrow (Mar 01)
- Re: Quarantine your infected users spreading malware Jack Bates (Mar 01)
- Re: Quarantine your infected users spreading malware Jim Segrave (Mar 02)
- Re: Quarantine your infected users spreading malware Robert E . Seastrom (Mar 02)
- Re: Quarantine your infected users spreading malware Niels Raijer (Mar 02)
- Re: Quarantine your infected users spreading malware Robert E . Seastrom (Mar 02)