Comments
-
I have been getting ton of these all over my network switched action to drop instead of block. All internal triggers have been agents getting blocked communicating to our Dell Kace management appliance . We do see triggers from external sources to our host sites as well but haven't identified any of that to legitimate…
-
Did you implement this ? I was concerned that the number of addresses that needs to be checked against would result in latency or the size of the list would be problematic for the size of the firewall config. https://isc.sans.edu/api/threatlist/torexit/