We have had a couple of situations now where a customer machine will get a
Trojan that sends out massive amounts of traffic and bring down every other
customer on the same AP. Most recently, it was one called multidr.bk/Troj
which opened up damn near every port in the 3000 range.
All of our wireless network is routed and customers are behind
dlink/netgear/linksys/etc routers on the other side of our cpe. However, this
traffic makes it past the router and our cpe and ends up dominating the polling
cycles on the ap they are connected to and causing massive packet loss for
everyone else on that ap, ultimately basically locking up the ap.
Other than turning off the customer in the maclist until the problem is
resolved, has anyone found a way to safeguard against this sort of thing?
Brett Hays
Hometown Online
_______________________________________________
Karlnet mailing list
Karlnet@WISPNotes.com
http://lists.wispnotes.com/mailman/listinfo/karlnet
|