Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2744
Views
0
Helpful
4
Replies

IP not found in Computers

kostasthedelegate
Level 4
Level 4

‎05-15-2020 03:05 AM

Hello, 

 

I have a problem with spam mails. 

I have identified the malware (tofsee). I search it in amp console and it shows some files. 

When I search one of them in the section Network Activity -> TCP/IP Streams I see an IP address as a source. 


What is this IP? because it is not of my network

 

When I search for the Internal IP on the computers I do not see any results

 

Any hints?

 

Thanks and regards, 

Konstantinos

0 Helpful
4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

‎05-15-2020 05:07 AM

Can you post the Logs to look and see what you were referring.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

kostasthedelegate
Level 4
Level 4
In response to balaji.bandi

‎05-17-2020 09:52 PM

Hello,

To which logs are you referring?

Konstantinos
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to kostasthedelegate

‎05-18-2020 02:21 PM

"Network Activity -> TCP/IP Streams I see an IP address as a source. " - do you have this TCP Stream ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

kostasthedelegate
Level 4
Level 4
In response to balaji.bandi

‎05-18-2020 11:11 PM

Hello,

As I understand the Network Activity -> TCP/IP Streams I see are not relevant to my own network, but they are general.
So I do not think they help much.
I will try a different approach to find the cause of the problem.

Regards,
Konstantinos
0 Helpful
Customers Also Viewed These Support Documents