- Joined
- Mar 26, 2003
- Location
- North America
Ok guys, here's the deal. My apartment complex (a large collection of townhomes, not the usual box-of-boxes building) provides "free" high speed internet access to all the people in the community. Each townhome comes with a handful of RJ45 jacks in the wall to plug in your 10/100E card and go to town.
From multiple traceroutes, reverse traceroutes, port scans and some sniffing I have ascertained that the main office has a single Insight (Cox) business cable connection that is "shared" out on a hubbed network. It's done so by a seemingly cheap Windows box that's acting as a software router and software firewall. There's a few ports left open for remote administration from the WAN side, and some simple DHCP services with no DNS.
Ok, that's the basic design. The problem here is that the download speeds have been going down and down and further down until now even surfing a simple webpage such as the OC takes a minute or more to fully download -- transfer rates in excess of 1.1kb/sec have become the "norm".
A little more creative sniffing has found that multiple users on this single subnet (standard 192.168.0.x windows-sharing setup) are infected with MSBlaster or Welchia virsuses (among tons of others) and are broadcasting junk at full-tilt onto the internal network. I have my own DMZ that filters all that crap out, so none of the actual viruses are affecting me... But all the stinkin virus traffic is jamming up the WAN connection.
I called the complex to complain, but they only offer "best effort" support. The person that duct-taped this thing together was someone's "smart" grandson or something who doesn't really support it. Pay him $100 and he'll "sell" you a PCI nic (NE2000 compatible POS that cost $5 I'm sure) and install it for you... Big whoop.
So, for the good of my connection, and the good of everyone else's connection, what are some things I can do specifically to those eight or nine machines (I have MAC's and IP's) to get them to stop squaking on the network?
I thought about putting up a Win2003 server on the network and forcing it as a DHCP server with an incorrect gateway address. That way the machines could broadcast crap all they want but wouldn't plug up the WAN gateway. Unfortunately, that breaks everyone in the complex that doesn't hard-code their gateway connection.
I don't want to break everyone, I just want to shut those eight or nine machines up. Can I hand-create a big-assed overflow packet in SMS NetMon 2.1 and plug up their IP stack? Something else I'm not thinking about? Maybe this question is a bit too "hackerish" for this forum, maybe not the best place to ask. If so, my apologies and I'll delete it.
From multiple traceroutes, reverse traceroutes, port scans and some sniffing I have ascertained that the main office has a single Insight (Cox) business cable connection that is "shared" out on a hubbed network. It's done so by a seemingly cheap Windows box that's acting as a software router and software firewall. There's a few ports left open for remote administration from the WAN side, and some simple DHCP services with no DNS.
Ok, that's the basic design. The problem here is that the download speeds have been going down and down and further down until now even surfing a simple webpage such as the OC takes a minute or more to fully download -- transfer rates in excess of 1.1kb/sec have become the "norm".
A little more creative sniffing has found that multiple users on this single subnet (standard 192.168.0.x windows-sharing setup) are infected with MSBlaster or Welchia virsuses (among tons of others) and are broadcasting junk at full-tilt onto the internal network. I have my own DMZ that filters all that crap out, so none of the actual viruses are affecting me... But all the stinkin virus traffic is jamming up the WAN connection.
I called the complex to complain, but they only offer "best effort" support. The person that duct-taped this thing together was someone's "smart" grandson or something who doesn't really support it. Pay him $100 and he'll "sell" you a PCI nic (NE2000 compatible POS that cost $5 I'm sure) and install it for you... Big whoop.
So, for the good of my connection, and the good of everyone else's connection, what are some things I can do specifically to those eight or nine machines (I have MAC's and IP's) to get them to stop squaking on the network?
I thought about putting up a Win2003 server on the network and forcing it as a DHCP server with an incorrect gateway address. That way the machines could broadcast crap all they want but wouldn't plug up the WAN gateway. Unfortunately, that breaks everyone in the complex that doesn't hard-code their gateway connection.
I don't want to break everyone, I just want to shut those eight or nine machines up. Can I hand-create a big-assed overflow packet in SMS NetMon 2.1 and plug up their IP stack? Something else I'm not thinking about? Maybe this question is a bit too "hackerish" for this forum, maybe not the best place to ask. If so, my apologies and I'll delete it.