Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
909
Views
0
Helpful
0
Replies

INDICATOR-COMPROMISE Suspicious .cc dns query

ccna_security
Level 3
Level 3

‎02-10-2020 05:17 AM - edited ‎02-21-2020 09:54 AM

Dear all. I have configured IPS on firepower and I get such a message very often

[1:28190:4] "INDICATOR-COMPROMISE Suspicious .cc dns query" [Impact: Potentially Vulnerable] From "FIrewall" at Mon Feb 10 13:11:51 2020 UTC [Classification: A Network Trojan was Detected] [Priority: 1] {udp} x.x.x.x:65153 (unknown)->y.y.y.y:53 (unknown)

could anyone tell me what kind of error it is? do you think it is malicious or false positive? how can I know exact reason why message be appeared?

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card