Endpoint Protection

 View Only

  • 1.  Botnet DNS Trap

    Posted Jun 12, 2015 03:00 AM

    Hi Guys,

    In our Firewall, we are getting DNS Trap activity in our AntiBot blade. What does that mean? How we can solve the malicious activity using symantec from the system



  • 2.  RE: Botnet DNS Trap

    Posted Jun 12, 2015 04:46 AM

    Hi Srikanth_Subra,

    A quick internet search indicates that you're referring to another vendor's security product. Can you clarify what Symantec product you are using and what you're seeing?

     

    Many thanks,

     

    Mick



  • 3.  RE: Botnet DNS Trap

    Posted Jun 12, 2015 06:14 AM

    Does it show the source of the infection? If so isolate it and run a threat analysis scan and Norton Power eraser. If nothing is found try a few other third party tools. If still nothing, you're best reimaging.



  • 4.  RE: Botnet DNS Trap

    Posted Jun 16, 2015 04:52 AM

    Hi Srikanth_Subra,

    Just checking to see if you have any update to this thread?  It is still marked "needs solution."

    Many thanks!

    Mick



  • 5.  RE: Botnet DNS Trap

    Posted Jun 26, 2015 12:30 AM

    Hi,

    we are using symantec endpoint protection.



  • 6.  RE: Botnet DNS Trap

    Broadcom Employee
    Posted Jun 26, 2015 02:02 AM

    can you post the logs?

    are you referringto the IPS logs?

     



  • 7.  RE: Botnet DNS Trap

    Posted Jun 26, 2015 06:56 AM
    Well you can put in a firewall rule to block the activity but you need to remember that machine and remediate it.