?
Solved

Virus filtering for non-secured hotel network.

Posted on 2006-07-19
2
Medium Priority
?
310 Views
Last Modified: 2010-03-19
I have a customer, a hotel that has a non-secured wireless network for their guests to use to access the internet.  Currently it's just a Cisco router and a series of wireless access points.  The problem we are having is that guests are showing up with infected laptops and using the internet connection to unknowingly blast out mail viruses in particular.  The ISP is getting annoyed and wants us to do something about it.

I thought about limiting outbound tcp/25 access to the mail servers of the ISP only.  But then most customers probably woudn't be savvy enough to change their outbound mail server and would just experience it as mail not working properly.

Alternatively I know that I could put a Barracuda hardware virus filter box in place and that would do the trick.  But at several thousand dollars that's way more than this customer wants to spend.  Does anyone know if there's a cheap Linksys-style box that would do more or less the same thing?  Basically I just need some in-line solution that will detect virus traffic and kill it, getting the ISP off our backs.

Thanks,

Ben
0
Comment
Question by:cns13
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 5

Accepted Solution

by:
Dbergert earned 375 total points
ID: 17140152
if you can setup a linux box, you could transparently redirect port 25 (SMTP) to a Transpart SMTP proxy that performs virus scanning,   such as :

http://smtp-proxy.klolik.org/
http://memberwebs.com/nielsen/software/proxsmtp/transparent.html

Or   Require users to use company VPNs or Webmail....  you could could put this on a stiker on the modem in the hotel or another notice and block SMTP

Or -- install a proxy server, that would filter traffic for viruses ? ? ?

I've used mailscanner.info -- also ...

 
0
 

Author Comment

by:cns13
ID: 17140194
Thanks Dbergert,

The Linux solution would be fun.  I tend to use a fair amount of Linux here in my network for remote monitoring of customer networks.

But I'm concerned about the time it would take to set up.  I talked with Sonicwall and they claimed that their gateway antivirus on a little tz170 would work.  That's only about $1000 in hardware and 2-3 hours of my time, so I think that will be the cheapest in the long run.

But I'll give you the points for being the only one to answer!

Ben
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
In this article, we’ll look at how to deploy ProxySQL.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses
Course of the Month13 days, 22 hours left to enroll

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question