Link to home
Start Free TrialLog in
Avatar of Darrel Winbush
Darrel WinbushFlag for United States of America

asked on

Monitoring port 16464 on a Cisco ASA 5500

I'm having an issue with out external IP being blacklisted, I have been researching this all day and have followed these instructions in order to only allow stmp traffic to flow from my mail server.

http://www.petenetlive.com/KB/Article/0000172.htm

I would like to narrow down the issue so i can find the client thats causing the issue.  Some of the posts i have read and the info i received from the CBL say to monitor traffic on port 16464 but i'm not sure how to setup that rule on the Cisco firewall.

Message from CBL is below -
"If this IP address is a NAT gateway, it should be possible to find which computer on your internal network is infected by implementing a filter on your firewall to detect and log attempts to send UDP packets to the Internet with a destination port number of 16464."


Can someone give me some step by step instructions on how to set this up? and what and where to look for when it is?

Thank you
ASKER CERTIFIED SOLUTION
Avatar of btan
btan

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Darrel Winbush

ASKER

Thank you for the information.