I always wondered why my ASA, which I monitor with a netflo9 sensor, has a lot of traffic from a fileserver to IP 126.96.36.199. According to "google" its ipv6 traffic. But ipv6 is turned off and I dont see why my fileserver should generate that much traffic with IPv6. Its a Windows 2008 R2 Machine.
Is there any sensor I may add for this machine to get a better overview what exactly is generating that many traffic, without using a third party tool?