<div>
Thanks Jacob. Unable to find &quot;connections monitor&quot; under firewall
</div>


Thanks Jacob. Unable to find "connections monitor" under firewall

<div>
Hmmm &nbsp;I have an NSA 2400. &nbsp;On the left hand side where the options are after logging in i click on firewall. &nbsp;When firewall expands i have connection monitor on the left side under the expanded firewall group. <br />
<br />
What firmware are you on?<br />
<br />
Do you still have dynamic support on the device? &nbsp;If so you can call sonicwall.<br />
<a href="https://filedb.experts-exchange.com/incoming/2012/07_w28/588843/Capture.PNG" target="_blank" title="Sonicwall Menu screenshot (22 KB)"><img alt="Sonicwall Menu screenshot" class="file-block lazyload" style="max-width: 191px;" data-src="https://filedb.experts-exchange.com/incoming/2012/07_w28/588843/Capture.PNG" /></a>
</div>


Hmmm  I have an NSA 2400.  On the left hand side where the options are after logging in i click on firewall.  When firewall expands i have connection monitor on the left side under the expanded firewall group.

What firmware are you on?

Do you still have dynamic support on the device?  If so you can call sonicwall.
Sonicwall Menu screenshothttps://filedb.experts-exchange.com/incoming/2012/07_w28/588843/Capture.PNG

Capture.PNG

<div>
Firmware Version: &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SonicOS Enhanced 5.8.1.5-46o<br />
<br />
Currently don't have support services active.<br />
<a href="https://filedb.experts-exchange.com/incoming/2012/07_w28/588859/nsa3500-netmon.jpg" target="_blank" class="file-inline" title="NSA 3500 (19 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>nsa3500-netmon.jpg</a>
</div>


Firmware Version:       SonicOS Enhanced 5.8.1.5-46o

Currently don't have support services active.
nsa3500-netmon.jpg [https://filedb.experts-exchange.com/incoming/2012/07_w28/588859/nsa3500-netmon.jpg]

nsa3500-netmon.jpg

<div>
<div class="content wysiwyg-content">
opendns.com says that there's a malware/botnet activity detected on my network. I understand that I can use the tcp dump feature on my firewall to find out which device is involved in this botnet activity. Please give me ideas on how to track down this device. I have an NSA 3500 firewall.
</div>
</div>


opendns.com says that there's a malware/botnet activity detected on my network. I understand that I can use the tcp dump feature on my firewall to find out which device is involved in this botnet activity. Please give me ideas on how to track down this device. I have an NSA 3500 firewall.

How to use tcp dum feature on SonicWall firewall to track/catch botnet

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

Spyware is software that aims to gather information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge; it has also come to include programs that engage in various kinds of electronic fraud. Anti-spyware is software that removes or blocks that software; some common vendors include Malwarebytes, McAfee, Spybot-Search and Destroy, Ad-Aware and BitDefender.