OPNsense Forum
English Forums => Zenarmor (Sensei) => Topic started by: silvertree on October 16, 2020, 01:16:08 pm
-
Hi, I'm new to Sensei, using the free edition at the moment,
I have found some traffic labelled as 'proxy' which shows 'NordVPN' when drilled down. The devices are android tablets without a NordVPN app visibly installed. Spotify clients are installed. I'm not sure how Sensei identifies specific applications by their traffic. Is it likely that this is a false positive identification of the NordVPN application or a malicious non-visible app using NordVPN to ex-filtrate data?
Many thanks
-
Hi @silvertree, I'd approach this with some caution, however a mis-classification is also possible - though rare.
Can you reach out to support with some screenshots? Let us have a closer look together.
-
Hi mb,
I have sent some screenshots to support.
Many thanks