Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Monitoring traffic to server via different ports

Status
Not open for further replies.
datadan

datadan

IS-IT--Management
Joined
Jul 22, 2002
Messages
283
Location
US
I run an IMAP server. (RH9/postfix/courrier).

Some computers are infected with a virus that uses its own SMTP engige to spew garbage. I am trying to isolate which computers are infected. My thought:

People should be connected to IMAP via port 143 or port 80/8080. SMTP is on port 25.

If I can isolate what traffic is comming to port 25 by IP I can then nail the bastard....

Does this sound reasonable? Ideas on tools I can use?
Thanks,
 
Sort by date Sort by votes
Status
Not open for further replies.

Similar threads

MP2023
  • Locked
  • Question Question
mail Server
Replies
0
Views
631
MP2023
MP2023
MP2023
  • Locked
  • Question Question
Mail Server zimbra
Replies
0
Views
642
MP2023
MP2023
bk Patel
  • Locked
  • Question Question
Openscape 4000 Eco Server
Replies
3
Views
917
bk Patel
bk Patel
Phi_1.618
  • Locked
  • Question Question
Linux server
Replies
2
Views
749
SamBones
SamBones
donald lepariku
  • Locked
  • Question Question
Error: 694, Severity: 24, State: 10 An attempt was made to read logical page '153', virtpage '616' f
Replies
3
Views
848
spamjim
spamjim

Part and Inventory Search

Sponsor

Back
Top