My SIEM (AlienVault) is detecting Mirai inbound activity.
E.g.:
How can these be stopped at the UTM?
E.g., can it get known botnet addresses from the Open Threat Exchange (OTX)?
Thanks, James.
Have you considered using Country Blocking?
OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz 16GB Memory | 500GB SSD HDD | ATT Fiber 1GB (Former Sophos UTM Veteran, Former XG Rookie)
Thanks Amodin - we do use country blocking for some countries, but it's a botnet so that won't work.