I have access to a linux server that is acting as the gateway to an internal network.
There is a MagicJack Plus device plugged into this network via CAT5.
The MagicJack gets its ip via DHCP from the linux server, and I've determined which IP address it was issued.
I've nmaped that ip, but I couldn't discover any open ports on the MagicJack Plus device.
I'm curious about how it communicates, especially which ports it actually uses. I'd like to monitor which ports it uses during a 24 hour period. I'd be very interested in seeing if it tries to communicate with any other computers that it doesn't need to (on the local network).
Ultimately, I want to lock that device down, so that it only has access to what it needs and nothing more.
The linux server only has a web app gui and commandline, how can I monitor and log the network activity of the "IP of this device" to discover what ports it actually uses, what it tries to access, and how much bandwidth it uses?