Geekzone: technology news, blogs, forums


Foiler

220 posts

Master Geek
+1 received by user: 10


#122123 25-Jun-2013 14:05

A workstation connecting to one particular legitimate website always creates a worm alert on the Mako gateway router, where the alert suggests there have been 1000+ new connections within the past 10 minutes.

I think there is some kind of incompatibility between the browser and the web app, but we need more packet-level data to support this notion.

The support guys at Mako and Secureme say that details of the 1000+ sessions are not available after the event, but maybe we can set up a prior trap. Is there any way of setting some kind of trap on the Mako to give full details of the data or the connections during this localised event?

Otherwise I guess we could put some packet sniffing software on the client? Wireshark?

ubergeeknz
3344 posts

Uber Geek
+1 received by user: 1041

Trusted
Vocus

  #844017 25-Jun-2013 14:08

I'd say Wireshark is an excellent place to start, yes.
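
One way to check a Wireshark capture from the workstation against the alert's figure of 1000+ new connections in 10 minutes, as an added example that is not part of the thread or of any Mako tooling: it counts TCP SYN packets per destination in 10-minute buckets. The function names, the fixed-bucket counting, the threshold default and the sample capture are assumptions of this example; how the Mako itself counts connections is not stated in the thread.

```python
import struct
from collections import Counter

WINDOW = 600  # seconds: the 10-minute period named in the alert

def syn_packets(pcap):
    """Yield (ts, dst_ip, dst_port) for each TCP SYN without ACK in a classic
    pcap (Ethernet, IPv4). Save pcapng captures as pcap before using this."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None or struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected a classic pcap file with Ethernet link type")
    off = 24
    while off + 16 <= len(pcap):
        ts, _usec, caplen, _wire = struct.unpack(end + "IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue  # not IPv4 carrying TCP
        tcp = frame[14 + (frame[14] & 0x0F) * 4:]
        if len(tcp) >= 14 and tcp[13] & 0x12 == 0x02:  # SYN set, ACK clear
            dst = ".".join(str(b) for b in frame[30:34])
            yield ts, dst, struct.unpack("!H", tcp[2:4])[0]

def noisy_windows(pcap, threshold=1000):
    """Count SYNs per (window start, destination IP, port); return the buckets
    at or above threshold. Fixed buckets are an assumption of this example."""
    counts = Counter((ts - ts % WINDOW, dst, port) for ts, dst, port in syn_packets(pcap))
    return {key: n for key, n in counts.items() if n >= threshold}

def sample_capture(n_syn, start=1372125600):
    """Constructed capture: n_syn SYNs to 198.51.100.5:443, then one ACK."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i in range(n_syn + 1):
        flags = 0x02 if i < n_syn else 0x10
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, i, 0, 64, 6, 0,
                         bytes([192, 0, 2, 10]), bytes([198, 51, 100, 5]))
        tcp = struct.pack("!HHIIBBHHH", 40000 + i, 443, 0, 0, 0x50, flags, 1024, 0, 0)
        frame = bytes(12) + b"\x08\x00" + ip + tcp
        out += struct.pack("<IIII", start + i // 4, 0, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    for (start, dst, port), n in noisy_windows(sample_capture(1200)).items():
        print(f"{n} SYNs to {dst}:{port} in the 10 minutes from epoch {start}")
```

Retransmitted SYNs are counted as separate attempts, and VLAN-tagged or IPv6 frames are skipped, so treat the totals as an approximation of what the gateway saw.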
