OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: hushcoden on February 03, 2021, 09:48:11 PM

Title: Confused by some entries blocked by Suricata
Post by: hushcoden on February 03, 2021, 09:48:11 PM
A few days ago I decided not to renew my Kaspersky licence and to use Windows Defender, but since then I see some 'strange' entries in the Suricata log, that is, my laptop trying to connect to 205.185.216.10 or 205.185.216.42 and those two IP addresses trying to connect to my laptop (attached an example).

Has anybody noticed the same, by any chance? It seems to be related to Windows Update, I really doubt my laptop is infected...

Tia.
Title: Re: Confused by some entries blocked by Suricata
Post by: lfirewall1243 on February 16, 2021, 10:10:58 PM
Never had that, but these are known for Windows updates

https://answers.microsoft.com/en-us/windows/forum/all/20518521610-and-20518521642-windows-update-or-not/50939772-32d1-427c-9bdd-8f7efe8a8817
Title: Re: Confused by some entries blocked by Suricata
Post by: hushcoden on February 16, 2021, 10:48:20 PM
Thanks... didn't know MS was also using Highwinds servers...