Resolved! tracing malware
I have been informed by my ISP that a botnet has been detected and the ip address is the Global PAT address. how do i trace the source ip?
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(8) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(85) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(2) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,558) -
Cisco Bugs
(37) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(144) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,164) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Device Management (FDM)
(17) -
Cisco Secure Firewall Management Center (FMC)
(90) -
Cisco Secure Firewall Threat Defense (FTD)
(120) -
Cisco Security Cloud Control
(6) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(18) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(45) -
Cloud
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(31) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(13) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(260) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(29) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(3) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,574) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(321) -
MPLS
(1) -
Multicloud Defense
(3) -
Network Management
(91) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,570) -
NGIPS
(1,873) -
Online Tools and Resources
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(4) -
Other Firewalls
(1) -
Other NAC
(18) -
Other Network
(1) -
Other Network Security Topics
(10,775) -
Other Networking
(9) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(11) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(20) -
Policy and Access
(2) -
Prioritization
(2) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(7) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(3) -
Security Management
(634) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(4) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Threat Grid
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(24) -
VPN and AnyConnect
(1) -
Vulnerability Management
(43) -
WAN
(7) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
Resolved! ASA5506 Firepower
I need to now ASA5506 with firepower service can detect phishing websites , block the ads on the websites and detect any harmful cookies or male-ware on the websites and what is the requirements licence .
Hi all I am stock in the process of finding a solution on this. I have configured a VPN connection to one of our offices using an ASA5505.On all our other asa boxes I have configured a dmz vlan. But this asa is causing me problems. It gets a permanen...
Hi,we have 3 internet Links Like ISP 1, ISP 2 & ISP 3.ISP 1---> ASA1---> Core switchISP 2---> ASA2---> Core switchISP 3---> ASA3---> Core switchwe have different services as per below.on ISP 1 ASA natted servers (Like mail, web server)on ISP 2 ASA na...
Will the you a question, ASA 5585-SSP-40 with a cluster architecture, you can build a rule & object upper limit number?
Resolved! Deep packet inspection port 443
Hello!We only have a handful of ports open to the internet on our guest wireless. Recently, our auditor dinged us for being able connect to an SSH server he had outside of our network running on port 443. He told us if we allow HTTPS traffic, we need...
My provider gives us a /29 and we use that /29 on the outside interface. I need a way for the DMZ to talk to the Outside network. The ASA is running 9.01what I am trying to do is for 192.168.1.25 to talk to 1.2.3.10 This is what I have so far but it...
HiThe configuraiton in the ASA is as below:aaa authentication enable console TACATS LOCALaaa authentication telnet console LOCAL username cisco password ciscotelnet 0.0.0.0 0.0.0.0 inside Do you think the enable password is different when I use SSH o...
Hi,I have a pair of ASA's 5512-x in High Availability mode, both with ASA PRSM in single mode, only one of the modules is fully licensed with WSE, AVC and IPS nextgen, (the default active ASA) and the module on the standby ASA is unlicensed since it'...
Hi, I am trying to ssh from PC to Switch.PC IP 192.168.2.5Switch IP 10.31.2.34log shows Aug 28 2015 21:10:41: %ASA-6-302013: Built outbound TCP connection 673 for MGMT:10.31.2.34/22 (10.31.2.34/22) to VISITOR:192.168.2.5/1556 (192.168.2.5/1556)Aug 2...
I am a newbie at this, green as the leaves opening in spring. I have a CISCO 5510 Adaptive Security Appliance and was wondering how to open port 5222 for our new IP phone system we are installing here at the office. Thanks, Tim Shepard
Hi Team - I have two ASA configured in Active/Standby mode , i got a license for any connect essentials for my primary ASA box ... Here i would like to know if i need to have a separate licence for both the ASA 's in HA pair ?
Hi ,What is SSP -10 Or 20 , What does it mean ASA 5585-X SSP-10 , ASA 5585-X SSP-20 thanks
I know that ACLs have to be ordered from most specific to lesser specific rules.IP addresses to subnets. When permitting a subnet through and denying a given IP address through, it is best to start with the IP address rule and then put in the network...
Which command will configure a Cisco ASA firewall to authenticate users when they enter the enable syntax using the local database with no fallback method? What is the difference between upper and lower case 'LOCAL / local?aaa authentication enable ...
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 11-07-2025 02:10 PM | ||
| 11-07-2025 02:11 AM | ||
| 11-04-2025 11:16 AM | ||
| 11-03-2025 09:48 AM | ||
| 10-31-2025 12:20 AM |
Top Solution Authors
| User | Count |
|---|---|
| 6 | |
| 4 | |
| 3 | |
| 2 | |
| 2 |
