• Lots of IPS attacks lately One CNC Trufflehunter cant find much info on it (False Positive?)

    We have been getting a LOT of IPS attacks lately. Getting Snort 38330 MALWARE-CNC TRUFFLEHUNTER SFVRT-1020 attack attempt from several internal IPs. Snort doesnt give much information.... is there a good chance these hosts are infected? Sophos Cloud AV…

  • udp port 41255

    Is anyone seen increase from udp:53 to udp:41255 srcip="65.111.165.141" dstip="xxx.xxx.xxx.xxx" proto="17" length="537" tos="0x00" prec="0x00" ttl="120" srcport="53" dstport="41255 srcip="95.0.160.245" dstip="xxx.xxx.xxx.xxx" proto="17" length="511…
Unfiltered HTML