Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Why is BotHunter attempting to make outbound connections?

attempting bothunter outbound
0
Posted

Why is BotHunter attempting to make outbound connections?

0

BotHunter is attempting to interact with the BotHunter automated threat intelligence updating service and infection profile repository (located at SRI International, Calif, USA). BotHunter’s threat updating service periodically probes the SRI server to pull in the latest botnet command and control (C&C) blacklist, malware DNS list, and new malware detection rules, which are updated on a regular basis. This allows your fielded BotHunter to maintain its awareness of the latest C&C servers, malware-associated DNS lookups, Russian Business Network address space, and malware control/backdoor ports. The repository service allows your fielded BotHunter to send anonymized infection profiles of detected external C&Cs, egg download sites, exploit sources, and rule detection patterns. It does not report any IP addresses from your trusted net, and BotProfile sources are anonymized and are not tracked. To utilize the BotHunter automated remote updating service, you must enable outbound connections

Related Questions

Thanksgiving questions

*Sadly, we had to bring back ads too. Hopefully more targeted.