I was informed today by our InfoSec team that it appears our UMS is trying to reach out to a range of external addresses owned by the Medical Universtity of South Carolina…any idea what this could be?
Not unless you have devices at those addresses
We don’t…entirely different state. I have no idea what they are seeing, it might be a bad report
I’ll try to find out more.
QRadar is picking up some weird traffic from our secondary UMS instance that started on the 18th. Not sure what it is or maybe it’s false positive
Our network engineers are going to investigate as well.
Umm….i have personally looked for this…im not seeing anything. Is your ums hosted externally?
No it’s internally hosted. Something else is going on because we apparently have other systems reaching out to same addresses. Our NE’s continue to investigate.
Gotcha…the other month i did notice our qnaps were using torrent to update :)
Continue reading and comment on the thread ‘IGEL MS is trying to reach out to a range of external addresses…’. Not a member? Join Here!
Learn more, search the IGEL Knowledge Base
Ask a question or comment on the above message thread?
Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.Submit a question, or Join Today!