dnschangersample

Sample Sinkhole Report

ThreatSTOP has analyzed your log data and found 13 attempts to connect to Sinkholed Malware servers by 5 different IP addresses

Log Lines CheckedInfectedClean
251312
IP AddressCountRaw Log Line(s)
192.168.124.1296<158>1 2012-07-05T16:03:48.141Z TEST-SRX240-INET - - - - TEST-SRX240-INET PFE_FW_SYSLOG_IP: FW: ge-0/0/12.0 A udp 192.168.124.129 77.67.83.148 2215 53 (1 packets)
<158>1 2012-07-05T16:10:28.141Z TEST-SRX240-INET - - - - TEST-SRX240-INET PFE_FW_SYSLOG_IP: FW: ge-0/0/12.0 A udp 192.168.124.129 77.67.83.148 2215 53 (1 packets)
<158>1 2012-07-05T16:13:14.141Z TEST-SRX240-INET - - - - TEST-SRX240-INET PFE_FW_SYSLOG_IP: FW: ge-0/0/12.0 A udp 192.168.124.129 77.67.83.148 2215 53 (1 packets)
<158>1 2012-07-05T16:31:08.141Z TEST-SRX240-INET - - - - TEST-SRX240-INET PFE_FW_SYSLOG_IP: FW: ge-0/0/12.0 A udp 192.168.124.129 77.67.83.148 2215 53 (1 packets)
<158>1 2012-07-05T16:32:04.141Z TEST-SRX240-INET - - - - TEST-SRX240-INET PFE_FW_SYSLOG_IP: FW: ge-0/0/12.0 A udp 192.168.124.129 77.67.83.148 2215 53 (1 packets)
<158>1 2012-07-05T16:39:44.141Z TEST-SRX240-INET - - - - TEST-SRX240-INET PFE_FW_SYSLOG_IP: FW: ge-0/0/12.0 A udp 192.168.124.129 77.67.83.148 2215 53 (1 packets)
192.168.124.1233<158>1 2012-07-05T16:03:48.141Z TEST-SRX240-INET - - - - TEST-SRX240-INET PFE_FW_SYSLOG_IP: FW: ge-0/0/11.0 A udp 192.168.124.123 77.67.83.148 2215 53 (1 packets)
<158>1 2012-07-05T16:03:49.141Z TEST-SRX240-INET - - - - TEST-SRX240-INET PFE_FW_SYSLOG_IP: FW: ge-0/0/11.0 A udp 192.168.124.123 77.67.83.148 2215 53 (1 packets)
<158>1 2012-07-05T16:03:48.141Z TEST-SRX240-INET - - - - TEST-SRX240-INET PFE_FW_SYSLOG_IP: FW: ge-0/0/11.0 A udp 192.168.124.123 77.67.83.148 2215 53 (1 packets)
192.168.124.142<158>1 2012-07-05T16:03:48.141Z TEST-SRX240-INET - - - - TEST-SRX240-INET PFE_FW_SYSLOG_IP: FW: ge-0/0/11.0 A udp 192.168.124.14 77.67.83.148 2215 53 (1 packets)
<158>1 2012-07-05T16:05:58.141Z TEST-SRX240-INET - - - - TEST-SRX240-INET PFE_FW_SYSLOG_IP: FW: ge-0/0/11.0 A udp 192.168.124.14 77.67.83.148 2215 53 (1 packets)
192.168.124.251<158>1 2012-07-05T16:03:48.141Z TEST-SRX240-INET - - - - TEST-SRX240-INET PFE_FW_SYSLOG_IP: FW: ge-0/0/12.0 A udp 192.168.124.25 77.67.83.148 2215 53 (1 packets)
192.168.124.1261<158>1 2012-07-05T16:03:48.141Z TEST-SRX240-INET - - - - TEST-SRX240-INET PFE_FW_SYSLOG_IP: FW: ge-0/0/12.0 A udp 192.168.124.126 77.67.83.148 2215 53 (1 packets)

 

Want to Learn More?

Request a free, 30-minute online walk-through of the ThreatSTOP Platform.

Request a Free Demo

Already in Prevention Mode?

Sign-up for a free, 14-day trial of the ThreatSTOP Platform.

Start a Free Trial

Prefer a Free Assessment?

Use any of our free assessment tools to better
understand your need for proactive defense.

Get a Real-time Assessment