Solved

Rogue PC accessing port 25

Posted on 2015-01-08
6
148 Views
Last Modified: 2015-01-08
Our service provider notified us of why our bandwidth was being affected.  They said that a rogue PC is trying to access port 25 on our network.  Is there a way to locate which PC is doing this?  Are there any tools that I can download to locate it?
0
Comment
Question by:al4629740
  • 4
  • 2
6 Comments
 
LVL 7

Expert Comment

by:tolinrome
ID: 40538975
Besides your mail server another pc is trying to send on port 25? Wireshark.
Do you have an IDS\IPS system. Can you look in the firewall logs?
0
 

Author Comment

by:al4629740
ID: 40539041
I don't know the answer to those questions...

Our mail server is outside our LAN.  Can I use Wireshark for free and if so how would I locate the pc?  I used Wireshark a long time ago.
0
 
LVL 7

Expert Comment

by:tolinrome
ID: 40539063
certainly you have a firewall no?

What specifically does the ISP mean by "a rogue PC is trying to access port 25 on our network"?

Did they say the source was internal or external?

Anyway check the firewall logs for clients trying to send on port 25 thats the first thing I would do.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 7

Expert Comment

by:tolinrome
ID: 40539073
Also, antivirus should be able to detect this and send alerts.
0
 

Author Comment

by:al4629740
ID: 40539080
They said the host was external.  

We only have Panda Antivirus on the PCs.  Do I need to just check all the virus programs?
0
 
LVL 7

Accepted Solution

by:
tolinrome earned 500 total points
ID: 40539170
Block port 25 on your firewall from all IP addresses except your incoming mail server provider ip's
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question