How many machines are we talking about here? All local or some in remote locations? The ISP did not provide the IP of the device that was misbehaving?
Shauna Hensala

From: [email protected]
To: [email protected]
Subject: Torpig/Anserin/Mebroot infection
Date: Mon, 3 Oct 2011 13:22:56 -0400

So, our external IP is blacklisted because apparently one of our machines is infected with a banking Trojan. Short of going to each and every individual machine on the network, the only thing I can think of to do is to set up logging of the ASA to a syslog server. I have downloaded and installed a trial version of Kiwi syslog, but I can’t figure out how to configure it to forward the log files to my system.

Anyone here able to provide a good how-to? I *did* Google, but apparently my Google-fu sucks, as I wasn’t able to find instructions that made sense to me.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~

---
To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin
