
Advanced Threat Protection Alert - C2/Zbot-A

Hello,

I have a question about a Sophos UTM SG450.

Around every hour we get a message about a threat: C2/Zbot-A

Threat name....: C2/Zbot-A (SID: 26267)
Details........: C2/Zbot-A - Viruses and Spyware - Web Threat, Virus and Spyware Detection and Removal | Sophos - Threat Center - Cloud Antivirus, Endpoint, UTM, Encryption, Mobile, DLP, Server, Web, Wireless Security, Network Storage and Next-Gen Firewall Solutions 
Time...........: 2014-08-22 11:43:44
Traffic blocked: yes

Internal source IP address or host: x.x.x.x (DNS Server)

What is the best way to find out which server is making the request to my DNS server?

Thanks in advance

