Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Why isn't the Botnet service blocking the hacking attempts?

JackBurtonJackBurton Newbie ✭

This attack has been on-going and has known IP's that they are using.

So why isn't the service we pay for blocking this attacks?

Even Cisco has posted the IP's being used. https://blog.talosintelligence.com/large-scale-brute-force-activity-targeting-vpns-ssh-services-with-commonly-used-login-credentials/

Category: SSL VPN
Reply

Answers

  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    You're assuming Sonicwall updates their botnet list when attacks are occurring, let alone maintains it at all. You're paying for a license to utilize a feature, not a service.

    The current Sonicwall-maintained botnet list entry count is 593 entries…

    Cisco's list is in the thousands, and hasn't changed in a week…

    I'm sure the attack source IPs have changed though.

  • koakdkoakd Newbie ✭

    They're a moving target like TKWITS said. For my company, I enabled the Dynamic Botnet Filter and then I periodically gather unique IPs that are attacking us and put them on a Github page that the Sonicwall can read and block.

Sign In or Register to comment.