Farina Ahmed Lv5Posted 30 Dec 2023 17:53
  
To identify the MAC address associated with the internal IP Public and track the source of the NGAF attack originating from a VM on Linux, you can utilize various network monitoring tools like Wireshark or tcpdump to capture network traffic. Begin by filtering traffic based on the internal IP Public address to analyze the packets being transmitted. Look for patterns indicative of the attack and cross-reference them with the MAC address associated with that IP within your network's ARP (Address Resolution Protocol) cache or by using ARP scanning tools. Additionally, examining the logs of your Linux VMs, checking system logs or specific application logs might reveal suspicious activities or connections to external URLs, aiding in pinpointing the source of the attack.

I Can Help:

Change

Moderator on This Board

11
7
5

Started Topics

Followers

Follow

1
3
5

Started Topics

Followers

Follow

0
4
5

Started Topics

Followers

Follow

67
20
3

Started Topics

Followers

Follow

3
14
3

Started Topics

Followers

Follow

1
137
3

Started Topics

Followers

Follow

Board Leaders