Hi, One of our PC which is running on REDHat is sending SMTP packets to the firewall. Though the firewall drops the packet, it logs the same. We wanted to know :
1. IF we have to run a packet capture tool, where do we run ? - on the firewall or the PC ?
2. We ran network monitoring tool, but did not find any service / application on the rouge PC that is sending smtp packets. How do I trace back to the service / application ?
Thanks in advance
Free Guide: Managing storage for virtual environments
Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!
No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.
Your password has been sent to:firstname.lastname@example.org
To follow this tag...
Thanks! We'll email you when relevant content is added and updated.
Share this item with your network: