Link to home
Start Free TrialLog in
Avatar of tonypjones
tonypjones

asked on

Need help with network utility

I recently had a virus outbreak on my network (IRCbot, SDbot, and Rinbot). I believe I have the viruses cleaned off, however my domain is still being blacklisted and we are not able to send email offsite. Does anyone know of a tool I can use to scan my entire network for rogue smtp servers or anything else that would cause my domain to be blacklisted? Thanks

Anthony
ASKER CERTIFIED SOLUTION
Avatar of Jay_Jay70
Jay_Jay70
Flag of Australia image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of masnrock
You could use a tool like Wireshark (www.wireshark.com). Essentially, the idea is that you want to figure out who is generating the most network traffic. That should at least give you somewhat of an idea of the worst machines to target first.

Also, you'll want to push out more up to date virus definitions (and maybe even AV software), another key thing would be to disconnect the known problematic machines from the network until you can get them up to snuff (I know this is time consuming).
Avatar of tonypjones
tonypjones

ASKER

I'm basically looking for a security tool to identify spambots and other malware within my network. I push my AV defs and OS updates out as fast as I can, but sometimes it's not fast enough. I'd like to be able to identify malicious traffic and where it's coming from as early as possible