kamiran.asia 5 Posted June 14, 2022 Share Posted June 14, 2022 Hi dears . From yesterday we revived this error from ESET Endpoint Security. It seems that 1.1.1.1 is marked as botnet . Event : Suspected botnet detected Detection name : Botnet.CnC.Generic Target address: 1.1.1.1 Port : 80 Link to comment Share on other sites More sharing options...
itman 1,659 Posted June 14, 2022 Share Posted June 14, 2022 (edited) This has to be a false positive. IP address 1.1.1.1 resolves to APNIC Research and Development in Australia. Quote APNIC (the Asia Pacific Network Information Centre) is the regional Internet address registry (RIR) for the Asia-Pacific region.[2] It is one of the world's five RIRs and is part of the Number Resource Organization (NRO).[2] https://en.wikipedia.org/wiki/APNIC Edited June 14, 2022 by itman Link to comment Share on other sites More sharing options...
kamiran.asia 5 Posted June 15, 2022 Author Share Posted June 15, 2022 Yes , It seems to be FP. But we check 1.1.1.1 at https://whatismyipaddress.com/ for blacklist and find dnsbl.justspam.org mark 1.1.1.1 as blacklisted . may be ESET black list ips use these databases and these cause this FP. Link to comment Share on other sites More sharing options...
itman 1,659 Posted June 15, 2022 Share Posted June 15, 2022 Actually 1.1.1.1 IP address is Cloudflare DNS servers: https://whatismyipaddress.com/ip/1.1.1.1 Also, entry of 1.1.1.1 yields: https://1.1.1.1/ Link to comment Share on other sites More sharing options...
Lasz 0 Posted June 16, 2022 Share Posted June 16, 2022 I've been through way too many svchost sercives to check the location of them at this point, can we safely say that this is a FP? Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 5,071 Posted June 16, 2022 Administrators Solution Share Posted June 16, 2022 It was FP, it's already fixed. Lasz 1 Link to comment Share on other sites More sharing options...
Lasz 0 Posted June 16, 2022 Share Posted June 16, 2022 Thank you for confirming @Marcos Link to comment Share on other sites More sharing options...
Recommended Posts