This discussion has been locked.

Anyone else getting APT alerts en masse for ocsp.comodoca.com?

Seeing about six of our sites (all running the slightly older 9.408 release) getting APT alerts for ocsp.comodoca.com starting this morning (2017-02-21 ~9 am EST)?

Anyone else seeing this occur?



  • Yeppers. It's a false positive. This very site is also getting blocked as a site with poor reputation by the SG reputation filter in the http proxy... classic.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

  • William Warren said:

    Yeppers. It's a false positive. This very site is also getting blocked as a site with poor reputation by the SG reputation filter in the http proxy... classic.

    Far as I know, the websites tab on Filtering Options is not touched by any Firmware or Patterns updates. Anything there is a manual entry by an Admin, it does sound like you have something amiss.

  • Seems fine now here, too.

    If entering the URL with Ac%3D at the end in the browser directly, I no longer get a Trojan warning, just a Reputation Limit instead.

    Just a question aside: Are most of you downloading the Virus Pattern manually? For maximum security we keep the interval the shortest (15 min) and let the UTM do that automatically. Just curious.
