This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

crl.verisign.com Threat Protection false positives?

Hi all,

We are seeing an increase in ATP notifications just today, in relation to *crl.verisign.com

This seems like its a certificate look up? Mulitplie UTMs are reporting this same threat with different clients, we have run malware bytes and full system AV scan and can't seem to find anything.

The one PC we did find a trojan, we have cleared and just now it has said the same IP tried to get to the same site? the Reason is both DNS and Proxy...

This thread was automatically locked due to age.

Parents

0 M.Rottler over 10 years ago

Had this notification popped up a few minutes ago...

ATP log says on both of my internal DNS servers:

2014:10:02-08:35:45 UTM named[4448]: rpz: client 140.140.*.*#57957 (csc3-2004-crl.verisign.com): view default: rpz QNAME NXDOMAIN rewrite csc3-2004-crl.verisign.com via csc3-2004-crl.verisign.com.rpz

the new sophos board sucks... :-( please give us the old one back.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 M.Rottler over 10 years ago

Had this notification popped up a few minutes ago...

ATP log says on both of my internal DNS servers:

2014:10:02-08:35:45 UTM named[4448]: rpz: client 140.140.*.*#57957 (csc3-2004-crl.verisign.com): view default: rpz QNAME NXDOMAIN rewrite csc3-2004-crl.verisign.com via csc3-2004-crl.verisign.com.rpz

the new sophos board sucks... :-( please give us the old one back.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data