I have a linux based server that does everything for me - and the company in South Carolina that has it under support contract seems to have fallen off the face of the earth last week. I'm a school district and use this server for e-mail, web, firewall, etc. and I'm quite distressed. I have very limited unix knowledge and need some quick help if possible.
The state of Arkansas has notified me that it will cut my Internet connection if I do not get a port scanning virus off my network immediately - but I don't know how to produce the nat logs that might tell me which of my internally addressed machines is the culprit. I am natting the private addresses through 1 external address. I have over 600 workstations and an Enterprise virus solution but the culprit must be on an unprotected machine.
If anyone can point me toward log files that I could search I would be most appreciative!!