Zenarmor (Sensei) / Question about approach to identifying possible false positive
« on: December 17, 2023, 08:51:14 am »
Hello,
I'm a pretty new user of Zenarmor, having only recently upgraded from a consumer-grade home router to an OPNsense box (which I'm very happy with).
I am seeing a lot of blocks of outgoing connections from my phone to a host called "prod-mobile-api.jn3cx6xo36.net", which Zenarmor seems to be categorising as "Malware/Virus". I suspect it is a false positive, but it is obviously concerning and I am struggling to find any info on what it is, or why Zenarmor might be categorising it as malware.
Googling for that hostname leads to a few auto-generated "we've scanned this host for viruses and found nothing" type pages, which tell me very little.
The regular posters in this forum seem to be pretty experienced and knowledgeable, and I wondered if anyone can give me some pointers in tracking down what's going on here please? For example, do any of you know what databases Zenarmor draws its blocklists from?
If the mods think this is OT then my apologies, and do feel free to bin.
Thank you all in advance for any help you're able to give.

