
I have a firewall that keeps popping up a blocked set of packets from ransomware called "Conti" originating at my Hyper-V hypervisor machine.



Guest bed1m
Posted

Hello, I have a Cisco Meraki Firewall AMP, which has started blocking packets from what it thinks is an infection of ransomware called "Conti" Variant. The packets certainly look suspicious, but this is a Server Core 2022 Hyper-V hypervisor and the only 3rd party software is communication software from APC for shutting down the machine in case of UPS failure. The built-in firewall and Defender stuff is running and up to date and turns up nothing, and I ran MSERT and it too turned up nothing. The packets are sent out only Saturday and Sunday and appear to be going to my management workstati

 
