How do I snoop unauthorised traffic

One of the Windows 2000 boxs is sending data out of the network to some host
on the internet. My gateway is Mandrake Linux 8.2 running straight
iptables. I've tried tcpdump against the internet facing NIC but the data
are inconclusive.

How do I determine what traffic is leaving the network and determine what
host it is being sent to, then what string do I use in
the /etc/sysconfig/iptables file to block it?

Thanks
Peter
.

Relevant Pages

  • Re: 2 pc network - cant see host files from pc 2 on pc 1
    ... If the second card is lost on HOST PC then DSL Internet does not connect. ... Ditch the second network card in the one ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Conflict between www. & mail.
    ... mail.ilpomodoro.com is hosted at Network Solutions ... and fussed with the A record, host record, etc but it's still not ... Network Solutions email server also responded. ... ns29.worldnic.com internet address = 205.178.190.15 ...
    (microsoft.public.win2000.dns)
  • Re: Yoo-hoo, I still dont have an answer! (was Re: Sygate)
    ... Acronym for Internet Protocol. ... packets from sender to destination network and station, ... the network the host is connected to; the remaining bits identify the host ...
    (alt.computer.security)
  • Re: USB ASDL Network
    ... >i have a home network and my modem is connected by USB to ... Assuming that you're running XP on both computers, ICS on the host should work ... fine for internet service on the other computer. ...
    (microsoft.public.windowsxp.network_web)
  • How do I configure my wireless PC to share its internet connex w/
    ... Basically its a long way from my PS2 ... I assume I should be able to harness the internet ... I should be able to start a network. ... Setup Wizard to configure the laptop to serve as a network Host to ...
    (microsoft.public.windowsxp.network_web)