This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Received message: Botnet/command-and-control traffic detected

Advanced Threat Protection: The event's user/host describes an IP address that is not on my home network and not my public IP address: 218.60.112.226. The threat is C2/Generic-A and the Destination is DXUhb67bd048.app.anmorencai.com. The origin is AFCd. What is AFCd? And how could I have a public IP address inside my network? My network is 192.168.x.x/24. My public IP address is 72.208.x.x. So I'm pretty confused as to what the Sophos UTM is reporting to me.

This thread was automatically locked due to age.

Parents

0 lferrara over 8 years ago

Wesson,

is your issue like this one? https://community.sophos.com/products/unified-threat-management/f/54/t/75688

If yes, post your comment over there. Someone from Sophos will reply back to you. Thanks
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 lferrara over 8 years ago

Wesson,

is your issue like this one? https://community.sophos.com/products/unified-threat-management/f/54/t/75688

If yes, post your comment over there. Someone from Sophos will reply back to you. Thanks
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data