Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Windows Server General Help » Network monitor capture port 25
Network monitor capture port 25 [message #164014] Thu, 11 June 2009 23:05 Go to next message
J  is currently offline J  United States
Messages: 66
Registered: August 2009
Member
SBS 2003
My server keeps getting on blacklists.
I suspect that there is a spambot on one of our PCs sending out spam.

I would like to run Network Monitor or Wireshark and try to figure
what PC
is the culprit.
I would like to get a report showing total number of smtp packets sent
by IP address.
Can someone walk me through how to do that on either of these
products.
I've played around with them but can't seem to get what I want.
Re: Network monitor capture port 25 [message #164018 is a reply to message #164014] Thu, 11 June 2009 23:53 Go to previous message
lanwench  is currently offline lanwench  United States
Messages: 1684
Registered: July 2009
Senior Member
J <kmclaurin1959@gmail.com> wrote:
> SBS 2003
> My server keeps getting on blacklists.
> I suspect that there is a spambot on one of our PCs sending out spam.
>
> I would like to run Network Monitor or Wireshark and try to figure
> what PC
> is the culprit.
> I would like to get a report showing total number of smtp packets sent
> by IP address.
> Can someone walk me through how to do that on either of these
> products.
> I've played around with them but can't seem to get what I want.

I don't know how to walk you through wireshark - I've never had much luck.
But wouldn't it be simplere just to stop your workstation IP range from
connecting outbound to anything other than 25 or 80? Your firewall appliance
should be able to do this, or ISA.
Previous Topic:how switch to local profiles?
Next Topic:profile folders REMAIN redirected
Goto Forum:
  


Current Time: Tue Aug 22 03:07:58 EDT 2017

Total time taken to generate the page: 0.15174 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software