One day, I received a notification from my ISP reporting that my BM
Server scanned port some other organization. That is really funny (is
a nightmare hearing that). Can the BM do that? Is there anyway an
attacker just relay (I do not know what words should be used) the
attack through my BM server? so it presented to the destination as my
BM ip address

What should I see from the BM audit log, for example, port or

Thanks for all your help.