Wednesday, March 22, 2017

Botnet Traffic Filter

Botnet Traffic Filter checks incoming and outgoing connections against a dynamic database of known bad domain names and IP addresses (the blacklist) and then logs or blocks any suspicious activity.
A static whitelist can be created for addresses that should not be on the blacklist.

Botnet Traffic Filter Address Categories:

1) Known malware addresses - These addresses are on the blacklist identified by the dynamic database and the static blacklist.
2) Known allowed addresses - These addresses are on the whitelist.
3) Ambiguous addresses - These addresses are associated with multiple domain names (the greylist).
4) Unlisted addresses - These addresses are unknown and not included on any list.
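
The four categories above, modeled in Python as an added example (not Cisco's implementation and not code from the original post). It assumes an address is ambiguous when only some of the domain names resolving to it are blacklisted, and that the static whitelist overrides the blacklist; all list contents and DNS answers are constructed sample data.

```python
from collections import defaultdict

# Constructed sample data (documentation IP ranges, .example names).
DYNAMIC_BLACKLIST = {"bad.example", "203.0.113.66"}   # vendor-supplied database
STATIC_BLACKLIST = {"198.51.100.99"}                  # locally added entries
STATIC_WHITELIST = {"partner.example"}                # locally trusted entries
DNS_ANSWERS = [                                       # (name, resolved IP) pairs
    ("bad.example.", "203.0.113.10"),
    ("bad.example.", "203.0.113.20"),
    ("cdn.example.", "203.0.113.20"),    # shares an IP with a bad name
    ("partner.example.", "198.51.100.5"),
    ("news.example.", "192.0.2.7"),
]

def names_by_ip(dns_answers):
    """Build a reverse map: IP address -> set of names that resolved to it."""
    reverse = defaultdict(set)
    for name, ip in dns_answers:
        reverse[ip].add(name.lower().rstrip("."))
    return reverse

def classify(ip, reverse, dynamic_bl, static_bl, static_wl):
    """Return one of: 'whitelist', 'blacklist', 'greylist', 'unlisted'."""
    names = reverse.get(ip, set())
    blacklist = dynamic_bl | static_bl
    # Assumption: a static whitelist entry overrides any blacklist match.
    if ip in static_wl or names & static_wl:
        return "whitelist"
    if ip in blacklist:
        return "blacklist"
    bad_names = names & blacklist
    if bad_names and bad_names == names:
        return "blacklist"      # every name seen for this IP is known bad
    if bad_names:
        return "greylist"       # assumption: only some names are known bad
    return "unlisted"

def classify_sample(ip):
    """Classify an address against the constructed sample data above."""
    return classify(ip, names_by_ip(DNS_ANSWERS), DYNAMIC_BLACKLIST,
                    STATIC_BLACKLIST, STATIC_WHITELIST)

if __name__ == "__main__":
    for addr in ("203.0.113.10", "203.0.113.20", "198.51.100.5",
                 "198.51.100.99", "192.0.2.7"):
        print(addr, "->", classify_sample(addr))
```

The greylist case (203.0.113.20) is the one worth reviewing in logs: a shared hosting or CDN address can carry both a blacklisted name and benign ones, so blocking by IP alone would also cut off the benign traffic.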
