eDonkey P2P Alerts from IPS

This support forum board is for support questions relating to Nagios XI, our flagship commercial network monitoring solution.
Locked
jeffersjw
Posts: 32
Joined: Tue Aug 27, 2013 9:29 am

eDonkey P2P Alerts from IPS

Post by jeffersjw »

I block P2P on my network and suddenly am getting alerts from my IPS about the Nagios XI server, any ideas?

SN=380030171 app="eDonkey" app_cat="P2P" user="N/A" group="N/A" msg="N/A" carrier_ep="N/A" profilegroup="N/A" subapp="eDonkey" subappcat="P2P
Top
tmcdonald
Posts: 9117
Joined: Mon Sep 23, 2013 8:40 am

Re: eDonkey P2P Alerts from IPS

Post by tmcdonald »

Nagios doesn't do anything with the P2P protocol, and certainly not eDonkey. I would take a look at your security logs, sounds like your server might be getting utilized for torrenting. tcpdump and ps are your friends here.
Former Nagios employee
Top
Locked

Return to “Nagios XI”