Long Term Threatlist Activity

Low Log Correlation Engine Plugin ID 800126

Synopsis

The LCE has detected continuous threatlist activity from a host.

Description

The Log Correlation Engine has detected continuous threatlist activity from a host. Hosts which communicate with IP addresses that have been threatlisted for long periods of time should be investigated to see if they are part of a botnet.

Plugin Details

Severity: Low

ID: 800126

File Name: 800126.prm

Family: Generic

Risk Information

Risk Factor: Low