Jump to content

Recommended Posts

Posted

From yesterday I'm having the following inbound blocked traffic logs:

Time;Event;Action;Source;Target;Protocol;Rule/worm name;Application;Hash;User
30/06/2022 10:47:33;No application listening on the port;Blocked;92.245.188.58:443;192.168.1.191:49718;TCP;;;0000000000000000000000000000000000000000;
Time;Event;Action;Source;Target;Protocol;Rule/worm name;Application;Hash;User
30/06/2022 13:17:28;No application listening on the port;Blocked;81.4.100.200:443;192.168.1.191:50315;TCP;;;0000000000000000000000000000000000000000;

Could it be that my router has been infected with ZuoRAT?

Posted
45 minutes ago, Enrico said:

Could it be that my router has been infected with ZuoRAT?

Possible.

Do a hard reset on your router to set things back to default settings. Then monitor if the Eset Network log entries no longer appear.

Posted (edited)

Thanks for the suggestion, I did a factory reset and then realized that I was using Marcos suggestion for the logs: https://forum.eset.com/topic/32651-web-access-protection-the-url-address-is-too-broad/?do=findComment&comment=152084

So it was a false alarm (after diggin' discovered that IP's were from website tracking and imaps).

Edited by Enrico
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...