I recently purchased Botnet for an ASA and have it configured and working properly. I am however curious on who is responsible for its database content. I have seen it block many IPs that are from reputable sources with a "High Risk" label.
IPs that belong to Microsoft and other major manufacturers.
Not much of an issue to whitelist them but unfortunately when a user is blocked they are not displayed a message of any sort via the web browser. It is not until I go into the ASA/botnet app do I see the block. Then wonder why it is listed.
Does anyone have any information on how the data is collected and by who?