asked on How to use tcp dum feature on SonicWall firewall to track/catch botnet
opendns.com says that there's a malware/botnet activity detected on my network. I understand that I can use the tcp dump feature on my firewall to find out which device is involved in this botnet activity. Please give me ideas on how to track down this device. I have an NSA 3500 firewall.
SecurityHardware FirewallsAnti-Spyware
Last Comment
jacobstewart
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Thanks Jacob. Unable to find "connections monitor" under firewall
Hmmm I have an NSA 2400. On the left hand side where the options are after logging in i click on firewall. When firewall expands i have connection monitor on the left side under the expanded firewall group.
What firmware are you on?
Do you still have dynamic support on the device? If so you can call sonicwall.
![Sonicwall Menu screenshot]()
What firmware are you on?
Do you still have dynamic support on the device? If so you can call sonicwall.
ASKER
Firmware Version: SonicOS Enhanced 5.8.1.5-46o
Currently don't have support services active.
nsa3500-netmon.jpg
Currently don't have support services active.
nsa3500-netmon.jpg
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.