Jump to content

Suspected botnet detected


Go to solution Solved by Marcos,

Recommended Posts

Hi dears .

From yesterday we revived this error from ESET Endpoint Security. It seems that 1.1.1.1 is marked as botnet .

 

Event :
Suspected botnet detected
Detection name :
Botnet.CnC.Generic
Target address:
1.1.1.1
Port : 80
 
 

 

1.1.1.1.jpg

Link to comment
Share on other sites

This has to be a false positive. IP address 1.1.1.1 resolves to APNIC Research and Development in Australia.

Quote

APNIC (the Asia Pacific Network Information Centre) is the regional Internet address registry (RIR) for the Asia-Pacific region.[2] It is one of the world's five RIRs and is part of the Number Resource Organization (NRO).[2]

https://en.wikipedia.org/wiki/APNIC

Edited by itman
Link to comment
Share on other sites

I've been through way too many svchost sercives to check the location of them at this point, can we safely say that this is a FP?

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...