IP Reputation: False positive
Hi, im receiving alerts from SecuReporter:
| Network Security | IP Reputation-Outgoing |
---|---|---|
IP Reputation detect 192.168.10.234 is connecting to threat IP 244 times (exceed threshold 5 within 60 minutes) |
Threat IP is 89.46.110.73.
Looking on Cisco Talos:
Could you verify please?
Accepted Solution
-
Hi @0xAlessandro,
The IP address is added into the allow list in the next signature version. You can test the IP again later this week. Thanks!
1
All Replies
-
Hi @0xAlessandro,
The IP address is added into the allow list in the next signature version. You can test the IP again later this week. Thanks!
1 -
Could you also whitelist 185.81.1.164
2023-09-19 14:00:00Network Security
IP Reputation-Outgoing
IP Reputation detect 192.168.11.12 is connecting to threat IP 96 times (exceed threshold 5 within 60 minutes)
0 -
Hi @0xAlessandro,
The IP 185.81.1.164 is also added into the allow list in the next signature version. Thanks!
1 -
1
-
Hi, thank you.
There are 2 new IP (Cloudflare) which got blocked by IP Reputation.
- 104.21.9.40
- 172.67.141.113
0 -
Hi @0xAlessandro,
The following IP addresses are also added into the allow list in the next signature version. Thanks!
104.21.9.40
172.67.141.1131
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight