I've received a letter informing me that malicious traffic has been detected on my network, how can I get more information about this to track down the culprit?
We have multiple machines in the house which are all running up-to-date anti-virus/malware and have reported nothing during scans.
There is nothing in the letter to indicate what type of malware it thinks I have, no dates and no IP addresses of target sites. Is it possible to get more information so I can at least Wireshark some traffic from our devices?
The reference in the letter is VMIS60-NETWORKATTACKS-F008010365
You have all the information that can be gathered from your connection, the only IP VM can ever see is the WAN IP address it doesn't know what IP addresses you are using internally. The normal port would be 25.
We have a couple of people on here saying when speaking to a VM tech all they did was advise to change password.
I dont work for VirginMedia all opinions are my own. 39 years in IT.