Best way to log internet traffic for office network via remote IP

Posted by buzzmonkey on Server Fault See other posts from Server Fault or by buzzmonkey
Published on 2012-12-07T10:59:42Z Indexed on 2012/12/07 11:07 UTC
Read the original article Hit count: 151

Filed under:
|

We have a network of about 40 machines running either Win XP or 7 in our office via LAN switches into 1 x Netgear Router (WNDR3700). We have noticed recently that our local network has been added to the CBL Blacklist due to one of our machines being infected with Torpig.

I have attempted to use Kaspersky's TDSSKiller Antirootkit Utility to find the infected machine but all appear to be clear.

The CBL register advises to find the local machine which is connection to the remote IP address (CBL has provided the range). However, our router does not have the ability to block remote IP addresses - does anyone know of a software which can log all the internet traffic, which we can then use to find the infected machine.

© Server Fault or respective owner

Related posts about monitoring

Related posts about traffic