Connection to 193.142.125.101

Juanjo
Juanjo Member, Beta Tester Posts: 3
First Comment First Anniversary Photogenic
Hi,
I will need to know if this connection from my Fingbox (that my firewall is blocking)is part of the normal operation or not? Should I whitelist it?

Best regards,
Juan
-----------------------------------------------------------------------
Timestamp    2021-03-02T10:43:12.084056+0100
Alert    ETPRO TROJAN NanoCore RAT Keepalive 1
Alert sid    2810288
Protocol    TCP
Source IP    192.168.**.55
Destination IP    193.142.125.101
Source port    39314
Destination port    38313
-------------------------------------------------------------------------


Answers

  • Marc
    Marc Moderator, Beta Tester Posts: 2,718
    250 Answers 1,000 Likes 2500 Comments 250 Awesomes
    ✭✭✭✭✭✭✭

    Looking up the up address, it seems to be registered in Ireland... Fing is located in Ireland but can’t be sure if this is theirs. @Robin or @Ciaran , could one of you verify this address as legitimate?


    General Information

    IP Address:

    193.142.125.101

    Hostname:

    193.142.125.101

    ISP:

    Tata Communications (america)

    IP Geolocation Information

    Continent:

    Europe (EU)

    Country:

    Ireland (IE) 

    Thats Daphnee, she's a good dog...
  • Robin_from_Fing
    Robin_from_Fing Administrator, Fing Team Posts: 4,885
    250 Answers 2500 Comments 500 Likes 100 Awesomes
    admin
    Thanks @Marc
    We do have AWS servers in Ireland. I am seeking developers advice for this and I will get back to you @Juanjo once I have an update. 

    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides. HAPPY POSTING!!!
  • Juanjo
    Juanjo Member, Beta Tester Posts: 3
    First Comment First Anniversary Photogenic
    Hi,
    Thank you for your feedback.
    I'll be waiting to get any updates.
  • Robin_from_Fing
    Robin_from_Fing Administrator, Fing Team Posts: 4,885
    250 Answers 2500 Comments 500 Likes 100 Awesomes
    admin
    Hi @Juanjo
    I got in touch with developers and the IP address might be used by AWS server in Ireland. You can whitelist the IP. Thanks
    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides. HAPPY POSTING!!!
    Juanjo
  • Juanjo
    Juanjo Member, Beta Tester Posts: 3
    First Comment First Anniversary Photogenic
    Thanks!