Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 14 replies
  • Subscribers 2 subscribers
  • Views 11614 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

C2/Generic-A FP

PhilB_01
Hi,

C2/Generic-A triggered when I was trying to talk to a VPS that we have rented off-net (and which we've been renting for the best part of a year at this point, but which I guess I only just tried to talk to from behind a sophos UTM).

How can I get the false positive removed from the database?

Phil


This thread was automatically locked due to age.
Parents
  • 0
    It looks like the two most-recent alerts are because 192.168.1.10 attempted to resolve an FQDN from a name server in the Ukraine.  That can't be a good sign. [:(]  Assuming that that's your internal DNS, can you tell which devices made those requests of your server?

    Cheers - Bob
Reply
  • 0
    It looks like the two most-recent alerts are because 192.168.1.10 attempted to resolve an FQDN from a name server in the Ukraine.  That can't be a good sign. [:(]  Assuming that that's your internal DNS, can you tell which devices made those requests of your server?

    Cheers - Bob
Children
No Data