BAMPA
October 26th, 2018, 22:46
Hello, we received this abuse report from Hetzner for several of our IPs.
We have also blocked port 49155 in the firewall.
We scanned the servers as well and found nothing in particular.
Does anyone know how to resolve this abuse report?
> Format: ASN | IP | Timestamp (UTC) | Malware | SRC port | DST ip | DST port | DST host | Proto
> 24940 | 88.198.129.110 | 2018-10-25 07:13:42 | wannacry | 49155 | 1.1.1.1 | 80 | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com (http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com) | tcp
> 24940 | 88.198.129.110 | 2018-10-25 08:56:47 | wannacry | 49156 | 1.1.1.1 | 80 | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com (http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com) | tcp
> 24940 | 88.198.129.110 | 2018-10-25 11:46:02 | wannacry | 49156 | 1.1.1.1 | 80 | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com (http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com) | tcp
> 24940 | 88.198.129.106 | 2018-10-25 22:00:25 | wannacry | 54334 | 1.1.1.1 | 80 | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com (http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com) | tcp
> 24940 | 88.198.129.106 | 2018-10-25 22:55:34 | wannacry | 52192 | 1.1.1.1 | 80 | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com (http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com) | tcp
> 24940 | 88.198.129.106 | 2018-10-25 21:25:43 | wannacry | 49159 | 1.1.1.1 | 80 | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com (http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com) | tcp
> 24940 | 88.198.129.106 | 2018-10-25 21:30:55 | wannacry | 53534 | 1.1.1.1 | 80 | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com (http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com) | tcp
> 24940 | 88.198.129.106 | 2018-10-25 21:47:37 | wannacry | 57676 | 1.1.1.1 | 80 | www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com (http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com) | tcp
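An added example, not part of the original post: a small parser for the pipe-delimited report format quoted above that groups rows by reported IP, so each host's time window, source ports and destination can be checked against local firewall or flow logs. The function names are assumptions; the rows are copied from the report, where the source port differs between connections while the destination host and port stay the same.

```python
from collections import defaultdict

FIELDS = ["asn", "ip", "timestamp", "malware", "src_port",
          "dst_ip", "dst_port", "dst_host", "proto"]
HOST = "www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com"
# Four rows copied from the report quoted in the post (quote marks and link residue kept).
REPORT = f"""\
> Format: ASN | IP | Timestamp (UTC) | Malware | SRC port | DST ip | DST port | DST host | Proto
> 24940 | 88.198.129.110 | 2018-10-25 07:13:42 | wannacry | 49155 | 1.1.1.1 | 80 | {HOST} (http://{HOST}) | tcp
> 24940 | 88.198.129.110 | 2018-10-25 08:56:47 | wannacry | 49156 | 1.1.1.1 | 80 | {HOST} (http://{HOST}) | tcp
> 24940 | 88.198.129.106 | 2018-10-25 22:00:25 | wannacry | 54334 | 1.1.1.1 | 80 | {HOST} (http://{HOST}) | tcp
> 24940 | 88.198.129.106 | 2018-10-25 21:25:43 | wannacry | 49159 | 1.1.1.1 | 80 | {HOST} (http://{HOST}) | tcp
"""

def parse_report(text):
    """Yield one dict per data row; skip the 'Format:' header, blanks and malformed rows."""
    for line in text.splitlines():
        line = line.lstrip("> ").strip()          # drop e-mail/forum quote markers
        if not line or line.startswith("Format:"):
            continue
        parts = [p.strip() for p in line.split("|")]
        if len(parts) != len(FIELDS):
            continue
        row = dict(zip(FIELDS, parts))
        row["dst_host"] = row["dst_host"].split()[0]   # drop "(http://...)" auto-link residue
        row["src_port"], row["dst_port"] = int(row["src_port"]), int(row["dst_port"])
        yield row

def summarize(text):
    """Group rows by reported IP: event count, time window, source ports, destinations."""
    hosts = defaultdict(lambda: {"src_ports": set(), "dst": set(), "seen": []})
    for r in parse_report(text):
        h = hosts[r["ip"]]
        h["src_ports"].add(r["src_port"])
        h["dst"].add((r["dst_host"], r["dst_port"], r["proto"]))
        h["seen"].append(r["timestamp"])          # "YYYY-MM-DD HH:MM:SS" sorts as text
    return {ip: {"events": len(h["seen"]), "first": min(h["seen"]), "last": max(h["seen"]),
                 "src_ports": h["src_ports"], "dst": h["dst"]}
            for ip, h in hosts.items()}

def all_ephemeral(ports, low=49152, high=65535):
    """True if every port is in the IANA dynamic range used for outbound client sockets."""
    return all(low <= p <= high for p in ports)

if __name__ == "__main__":
    for ip, h in summarize(REPORT).items():
        print(ip, h["events"], h["first"], h["last"], sorted(h["src_ports"]),
              sorted(h["dst"]), "ephemeral-only:", all_ephemeral(h["src_ports"]))
```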