Tuesday, October 4

Let's just assume this pcap is bad...mkay?

Alerts (2.9.1.1, 4924362.pcap)
1:18347:3 BLACKLIST USER-AGENT known malicious user-agent string AutoIt Alerts: 4
1:19734:1 BLACKLIST DNS request for known malware domain 770304123.cn Alerts: 2
1:16816:5 BOTNET-CNC known command and control channel traffic Alerts: 1
1:18762:1 BLACKLIST URI request for known malicious URI /blog.updata?v= - Win32-Agent-GRW Alerts: 1
1:17834:3 BLACKLIST DNS request for known malware domain 343.boolans.com Alerts: 1
120:3:1 (http_inspect) NO CONTENT-LENGTH OR TRANSFER-ENCODING IN HTTP RESPONSE Alerts: 3
1:16815:4 BOTNET-CNC known command and control channel traffic Alerts: 1


Please leave comments below.

No comments: