Hi there!
Im trying to diagnose a machine on the network with a certain IP that brought in a virus today.
the IP address has been sinkholed so I cannot see the name of the computer when i try to nslookup, nbtstat, netstat etc.
how would i go about getting this?
every packet i send gets replied to and I have tried monitoring the activity using wireshark but had no bites!
Im trying to diagnose a machine on the network with a certain IP that brought in a virus today.
the IP address has been sinkholed so I cannot see the name of the computer when i try to nslookup, nbtstat, netstat etc.
how would i go about getting this?
every packet i send gets replied to and I have tried monitoring the activity using wireshark but had no bites!