Locate machine connecting to ip address in Windows network
Posted on 2014-01-15
Looking through the (very) basic reports available on my Sonicwall TZ170, I can see that there has been 2500 'hits" to a website called xtracker.info.
As best as I can tell, this site is the connection port for a virus/backdoor/trojan.
How can I try to find out what machines in my Windows network are connecting to this site?
I will of course block connections to this IP address using the Sonicwall, but I'd like to locate and remove the malware first.