Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We regularly get BlackHole DNS URL's in our Malware Threat Report (Adware>Blackhole DNS URLs)The report states that transactions are all blocked.When we go to examine/scan the user/computer that is referenced and run Malwarebytes scans nothing is det...
Company has a ASA5510 with BotNet Traffic filter enabled on itWhen I go to the Report file (using ASDM) it shows me From the Monitor section->Botnet Traffic Filter -> Infected Hosts - > Highest Threat LevelIf I save it as a pdf and review the report ...
Recently performed activation of AnyConnect SSL licensesFirst site has a ASA5510 - After entering the activation key (as depicted in pdf from licensing) After a save and a reload My BotNet Traffic Filter was disabled.Re-entering the key did not help...
PKI alo have the WSA implemented (uses BotNet Traffic Filter. I understand the concept. I just never locate the bad code/application. Yes probably in traffic logs and in Database but not on AV quarintine orr av logs.Kinda of like being in a wind stor...
PKI am not questioning the process that you described. I would like to know that the bot that was "calling/reporting" back is no longer on the device/computer listed in the reportHow do I know that there was malware on the device? Does something remo...
Thank you ChristopherThe TAC cases have been opened, (ASA5510 case closed) .The cases got referred to Cisco Customer Service (I guess because they are licensing issues). It has been now over a week waiting.for some one to get back to me. I am not use...
