I recently had my server compromized. So I secured it by reading a few of the threads
I have APF running and I'm getting outgoing traffic that's being dropped. HOWEVER I'm not sure how to find out what is doing this.
I have my logs and all and I can see the traffic (Ip address and all) but I'm not sure which process it's coming from.
Is there a way to find this out?
I have APF running and I'm getting outgoing traffic that's being dropped. HOWEVER I'm not sure how to find out what is doing this.
I have my logs and all and I can see the traffic (Ip address and all) but I'm not sure which process it's coming from.
Is there a way to find this out?