Thread Info
  • Locked Locked
  • Replies 1 reply
  • Subscribers 4 subscribers
  • Views 8242 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Intrusion Prevention Alert Win.Trojan.Jadtre

weissnix

Hallo,

seit zwei Tagen bekommen ich diesen Alarm sobald meine Tochter an ihre Handy im Netzwerk benutzt.

Muss ich was tun? Was soll ich jetzt tun?

Danke!

Intrusion Prevention Alert

 

An intrusion has been detected. The packet has been dropped automatically.

You can toggle this rule between "drop" and "alert only" in WebAdmin.

 

Details about the intrusion alert:

 

Message........: BLACKLIST DNS request for known malware domain did.ijinshan.com - Win.Trojan.Jadtre

Details........: https://www.snort.org/search?query=33881

Time...........: 2015-12-25 09:37:21

Packet dropped.: yes

Priority.......: high

Classification.: A Network Trojan was Detected IP protocol....: 17 (UDP)

 

Source IP address: XXXXXX

Source port: 40710

Destination IP address: XXX (hostXXXXXXX) Destination port: 53 (domain)

       

--

System Uptime     :

System Load       : 0.18

System Version     : Sophos UTM 9.352-6

 

Please refer to the manual for detailed instructions.



This thread was automatically locked due to age.
  • Research at Snort.org and Google search to determine if it is a false positive in your environment. If you decide that it is, then you can create a rule modification at Network Protection > Intrusion Prevention > Advanced to disable it. If not, then you need to find the software on her device that is reaching out to did.ijinshan.com.