Network Protection: Firewall, NAT, QoS, & IPS ATP alerts for 192.229.211.108

UTM Firewall requires membership for participation - click to join

Thread Info

State Verified Answer
Locked Locked
Replies 4 replies
Subscribers 6 subscribers
Views 9617 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ATP alerts for 192.229.211.108

SteveHart over 1 year ago

Is anyone else seeing ATP alerts for the IP 192.229.211.108? It looks like it's a Digicert server, so I'm hoping it's a false alarm.

Steve

This thread was automatically locked due to age.

Top Replies

Raphael Alganes over 1 year ago +1 verified

Hello there, Good day and thanks for reaching out to Sophos Community and hope you are well. This is a FP and IP seems to be used by DigiCert and this is now fixed by Labs at this point of time, IP…

Parents

0 comnet_nm over 1 year ago

Others are reporting this: https://www.reddit.com/r/sophos/comments/12ddqns/an_attempt_to_communicate_with_a_botnet_or/

We're also seeing tons of ATP alerts that appear to be valid DNS requests to 8.8.8.8 , 1.0.0.3, 208.67.222.222 etc.

Anyone else?
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 comnet_nm over 1 year ago

Others are reporting this: https://www.reddit.com/r/sophos/comments/12ddqns/an_attempt_to_communicate_with_a_botnet_or/

We're also seeing tons of ATP alerts that appear to be valid DNS requests to 8.8.8.8 , 1.0.0.3, 208.67.222.222 etc.

Anyone else?
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data