Hi, One of our PC which is running on REDHat is sending SMTP packets to the firewall. Though the firewall drops the packet, it logs the same. We wanted to know :
1. IF we have to run a packet capture tool, where do we run ? - on the firewall or the PC ?
2. We ran network monitoring tool, but did not find any service / application on the rouge PC that is sending smtp packets. How do I trace back to the service / application ?
Thanks in advance
Free Guide: Managing storage for virtual environments
Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!