• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

13 security vendors flagged this IP address / Active Treat Showing During Windows 11 Updates

Firewalling
snort ipv4 security firewall
1
1
350
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • J
    JonathanLee
    last edited by JonathanLee Aug 14, 2023, 6:45 AM Aug 14, 2023, 6:25 AM

    Snort IPS/IDS is catching something different today. I thought I would share this flagged invasive actor with the community.

    Has anyone else seen this IP hit your firewalls during Windows 11 updates?

    45.143.9.106
    AS 3999045 (DEDIOUTLET-NETWORKS)

    🔒 Log in to view
    (This was flagged by 13 different security providers)

    The IP block is out of Lithuania? Maybe this has to do with what is occuring in the former Zaire with what is being broadcast over worldband radio signal the last couple weeks, anyone hear that radio station last week? Maybe it was a replay of old radio signals? Anyway enough of the rabbit hole.

    I don't understand why this is flagged and showing up only during Windows 11 updates that's what throws me off here. Something is off with this IP address

    Anyone else notice anything or maybe run a Wireshark on it?

    Make sure to upvote

    1 Reply Last reply Reply Quote 0
    1 out of 1
    • First post
      1/1
      Last post
    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.