On Tue, 10 Oct 2006 10:38:58 -0500 (CDT) eric at austinconventioncenter.com wrote: > Here is the scenario: Our network is utilized by guest users > all the time, sometimes into the thousands. We see guests from > all over with a variety of OSs & hardware, all of which, we have > no control or say in that matter. > > I am looking for something that I can run in promiscuous mode > and/or on a span port that will sniff for viri and then > alert/log when it sees a virus. We can then track down the > culprits' ip/mac and shut off the switch port he/she is > connected to and then visit with the guest to help them clean > their machine. I think that first to look at is network design. With proper design such as vlans, secondary ip addresses, and proper dhcp config. I have ta similar requirement, but not as large. I have daily guest [dozens], with vlans and dhcp they can access the internet, but have absolutely no access or cause damage to any of the internal resources. -- Thanks http://www.911networks.com When the network has to work