Solved

Locate machine connecting to ip address in Windows network

Posted on 2014-01-15
Last Modified: 2014-01-16
Looking through the (very) basic reports available on my Sonicwall TZ170, I can see that there have been 2500 'hits' to a website called xtracker.info.

As best as I can tell, this site is the connection port for a virus/backdoor/trojan.

How can I try to find out what machines in my Windows network are connecting to this site?

I will of course block connections to this IP address using the Sonicwall, but I'd like to locate and remove the malware first.

Thanks
Question by:encoad
Accepted Solution

by: Zephyr ICT (LVL 25), earned 500 total points
ID: 39784577
Hi,

There was a similar question a few days back; it might help you get to the infected machines:

http://www.experts-exchange.com/Security/Misc/Q_28334188.html

Basically, place a sniffer near a concentration point (e.g., a switch before the firewall capable of setting a monitor port) and filter the traffic.
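The capture-and-filter approach from the accepted answer can be reduced to a per-host tally. The script below is an added example, not part of the original thread: it assumes the capture was exported as tshark field output, and the LAN range, DNS forwarder address, file name and sample rows (including 203.0.113.7) are constructed placeholders.

```python
import ipaddress
from collections import defaultdict

SUSPECT_DOMAIN = "xtracker.info"                       # domain named in the question
INTERNAL_NET = ipaddress.ip_network("192.168.1.0/24")  # assumed LAN range
INTERNAL_DNS = {"192.168.1.10"}                        # assumed internal DNS forwarder

# Constructed rows in the shape produced by (capture.pcap is a hypothetical name):
# tshark -r capture.pcap -T fields -e frame.time_relative -e ip.src -e ip.dst -e dns.qry.name -e dns.a
SAMPLE = """\
10.01\t192.168.1.10\t8.8.8.8\txtracker.info\t
10.02\t8.8.8.8\t192.168.1.10\txtracker.info\t203.0.113.7
10.05\t192.168.1.57\t203.0.113.7\t\t
10.90\t192.168.1.57\t203.0.113.7\t\t
11.20\t192.168.1.23\t198.51.100.4\t\t
12.40\t192.168.1.88\t203.0.113.7\t\t
12.90\t192.168.1.41\t8.8.8.8\twww.xtracker.info\t
"""

def is_suspect_name(qname, domain=SUSPECT_DOMAIN):
    name = qname.lower().rstrip(".")
    return name == domain or name.endswith("." + domain)

def find_suspects(rows, domain=SUSPECT_DOMAIN):
    """Return (addresses the domain resolved to, per-host dns/conn counts)."""
    parsed = [line.split("\t") for line in rows.splitlines() if line.strip()]
    bad_ips, hits = set(), defaultdict(lambda: {"dns": 0, "conn": 0})
    # Pass 1: learn every address the suspect domain resolved to (dns.a may be a list).
    for _, src, dst, qname, answers in parsed:
        if is_suspect_name(qname, domain) and answers:
            bad_ips.update(answers.split(","))
    # Pass 2: attribute queries and connections to internal hosts only.
    for _, src, dst, qname, answers in parsed:
        if ipaddress.ip_address(src) not in INTERNAL_NET:
            continue
        # The forwarder only relays client lookups, so it is not counted as a suspect.
        if is_suspect_name(qname, domain) and not answers and src not in INTERNAL_DNS:
            hits[src]["dns"] += 1
        elif dst in bad_ips:
            hits[src]["conn"] += 1
    return bad_ips, dict(hits)

if __name__ == "__main__":
    bad_ips, hits = find_suspects(SAMPLE)
    for host, c in sorted(hits.items(), key=lambda kv: -sum(kv[1].values())):
        print(f"{host}: {c['conn']} connections, {c['dns']} direct DNS queries")
```

When clients resolve names through an internal DNS server, a capture taken in front of the firewall shows that server as the source of the lookups, so the connection counts to the resolved addresses are what identify the individual workstations.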
