Page 1 of 1
1.36.33 getting flagged by Snort
Posted: Wed Apr 03, 2024 1:35 am
by Redstorm
Recently enabled Snort on my firewall and found that Zoneminder on startup and periodicaly is contacting 34.177.186.192 on port 443
This is flagged as a Network Trogan, Do we know why Zoneminder is contacting this IP address?
Re: 1.36.33 getting flagged by Snort
Posted: Wed Apr 03, 2024 7:08 am
by dougmccrary
That's an AWS ip, pretty sure it's the ZM telemetry. Which is down due to expense.
There used to be a checkbox to turn it off. I suspect if you go to Options->Privacy->(choose) Decline, then Apply, that will stop it.
Port 443 is the normal https:// port, BTW.
Re: 1.36.33 getting flagged by Snort
Posted: Wed Apr 03, 2024 8:10 pm
by Redstorm
Yes is the privacy option. states it contact ipinfo.io which i saw in the wireshark capture. I have declined it, will see if it trys to contact it again.
443 HTTPS same same...