Attacker suspect found by domain count

MFRL

Junior Member

Join Date: Sep 2021

Posts: 1
- Share
- Tweet
#1

Attacker suspect found by domain count

09-20-2021, 02:15 PM

I received an email with this message: We will block attack target domain for less than 1 minute. Blocked domain = _nos._tcp.nos.avast.com.

As soon as I received that message, everything lost the ability to hit the internet, reach networked folders, etc.

The only way to currently fix the behavior is to restart the VM on which NXFilter is installed.

Any help in interpreting what is going on would be helpful.
Tags: None
support200

Moderator

Join Date: Aug 2021

Posts: 1133
- Share
- Tweet
#2

09-20-2021, 03:43 PM

That's because NxFilter thinks there's some problem with the domain. Read this, https://nxfilter.org/tutorial/gui-dns.php#mi

These days some softwares are doing the same thing as malwares. They send too many DNS requests to somewhere on the Internet and they use the DNS requests as communication tool. This happens by security softwares especially. Security softwares are doing the same thing as malwares? Funny world!

Try to bypass '*.avast.com' on Whitelist > Domain'. We will think about bypassing some security company domains at default.

Last edited by support200; 09-21-2021, 06:00 AM.
Comment

Announcement