For some reason our firewall (sonicwall) has been maxing out on its connections. Sonicwall indicates it may be a virus on a workstation that is sending out bogus IP traffic.
Forgive what may be a basic question but: Is there a way to monitor all IP traffic on the entire network (similar to what the packet monitors will do with the broadcast UDP traffic)?
I realize I can use a packet monitor to try and figure out where the traffic is coming from but all of the monitors I have tried I must specify which IP address I want to monitor. I tried to monitor the firewall local IP address but got a connection error. I realize the method here will depend on the which software I am using so any help on this choice would be appreciated as well.
Thanks in advance
Forgive what may be a basic question but: Is there a way to monitor all IP traffic on the entire network (similar to what the packet monitors will do with the broadcast UDP traffic)?
I realize I can use a packet monitor to try and figure out where the traffic is coming from but all of the monitors I have tried I must specify which IP address I want to monitor. I tried to monitor the firewall local IP address but got a connection error. I realize the method here will depend on the which software I am using so any help on this choice would be appreciated as well.
Thanks in advance