Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1170
Views
0
Helpful
2
Replies

Botnet Filter on ASA complaining about 63.251.179.49

Go to solution
Ronald Nutter
Level 1
Level 1

‎08-23-2011 08:28 AM - edited ‎03-11-2019 02:15 PM

Anybody running the Botnet filter seeing this address ?

Anyone have any info on this ?

This is showing as a very high threat - Bot & Threat Networks.

Ron

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
clausonna
Level 3
Level 3

‎08-29-2011 10:18 AM

BTF says this is Conficker, but that data seems to be from 2009 and the IP address is no longer hosting anything.

VPNASA# dynamic-filter database find 63.251.179.49

63.251.179.49  m=WbnpConficker

Found 1 matches

Still, I would suggest investigating the host(s) that are initiating the requests - they might be infected. 

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Parminder Sian
Level 1
Level 1

‎08-25-2011 11:17 PM

Hi Ronald,

This IP is managed by United States                  Stateline                  Almar Networks Llc.

http://whois.domaintools.com/63.251.179.49

Hope this helps,

Sian

0 Helpful

Go to solution
clausonna
Level 3
Level 3

‎08-29-2011 10:18 AM

BTF says this is Conficker, but that data seems to be from 2009 and the IP address is no longer hosting anything.

VPNASA# dynamic-filter database find 63.251.179.49

63.251.179.49  m=WbnpConficker

Found 1 matches

Still, I would suggest investigating the host(s) that are initiating the requests - they might be infected. 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card