bobox00
asked on
How to use tcp dum feature on SonicWall firewall to track/catch botnet
opendns.com says that there's a malware/botnet activity detected on my network. I understand that I can use the tcp dump feature on my firewall to find out which device is involved in this botnet activity. Please give me ideas on how to track down this device. I have an NSA 3500 firewall.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hmmm I have an NSA 2400. On the left hand side where the options are after logging in i click on firewall. When firewall expands i have connection monitor on the left side under the expanded firewall group.
What firmware are you on?
Do you still have dynamic support on the device? If so you can call sonicwall.
What firmware are you on?
Do you still have dynamic support on the device? If so you can call sonicwall.
ASKER
Firmware Version: SonicOS Enhanced 5.8.1.5-46o
Currently don't have support services active.
nsa3500-netmon.jpg
Currently don't have support services active.
nsa3500-netmon.jpg
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER