On Tue, 10 Oct 2006 10:38:58 -0500 (CDT) eric@austinconventioncenter.com wrote:
Here is the scenario: Our network is utilized by guest users all the time, sometimes into the thousands. We see guests from all over with a variety of OSs & hardware, all of which, we have no control or say in that matter.
I am looking for something that I can run in promiscuous mode and/or on a span port that will sniff for viri and then alert/log when it sees a virus. We can then track down the culprits' ip/mac and shut off the switch port he/she is connected to and then visit with the guest to help them clean their machine.
I think that first to look at is network design. With proper design such as vlans, secondary ip addresses, and proper dhcp config.
I have ta similar requirement, but not as large. I have daily guest [dozens], with vlans and dhcp they can access the internet, but have absolutely no access or cause damage to any of the internal resources.