al4629740
asked on
Rogue PC accessing port 25
Our service provider notified us of why our bandwidth was being affected. They said that a rogue PC is trying to access port 25 on our network. Is there a way to locate which PC is doing this? Are there any tools that I can download to locate it?
ASKER
I don't know the answer to those questions...
Our mail server is outside our LAN. Can I use Wireshark for free and if so how would I locate the pc? I used Wireshark a long time ago.
Our mail server is outside our LAN. Can I use Wireshark for free and if so how would I locate the pc? I used Wireshark a long time ago.
certainly you have a firewall no?
What specifically does the ISP mean by "a rogue PC is trying to access port 25 on our network"?
Did they say the source was internal or external?
Anyway check the firewall logs for clients trying to send on port 25 thats the first thing I would do.
What specifically does the ISP mean by "a rogue PC is trying to access port 25 on our network"?
Did they say the source was internal or external?
Anyway check the firewall logs for clients trying to send on port 25 thats the first thing I would do.
Also, antivirus should be able to detect this and send alerts.
ASKER
They said the host was external.
We only have Panda Antivirus on the PCs. Do I need to just check all the virus programs?
We only have Panda Antivirus on the PCs. Do I need to just check all the virus programs?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Do you have an IDS\IPS system. Can you look in the firewall logs?