I just installed LEDE and so far I love everything.
My problem is that one or more systems inside my LAN are infected by the Conficker malware bot. According to abuseat.org, its CNC server is located at 104.244.14.252. It talks with the CNC server once every week on average. This problem is more than a year old, but I finally decided to take care of it.
I have three Windows systems inside my LAN; the rest are all Linux, so it has to be a Windows system, since Conficker only infects Windows. I am not able to determine which system is infected. I tried running antivirus scans and even formatting those systems, but without any success.
I want to find which systems are infected with Conficker. Is there any way to keep a log of traffic directed to 104.244.14.252, or maybe some other way to determine this?
While it may not represent an immediate solution, you might find this application interesting or useful - and your malware traffic could contribute to the project.
I'm not an expert, but I also recently installed LEDE, and there is a problem with the operation of my laptop - it began to slow down a bit.
So you think that malware was installed with LEDE?
I checked everything: Windows Defender reports that everything is clean, and the second defender (http://myspybot.com/redboot-ransomware/) is silent (to be honest, I'm happy about that).