0 Replies Latest reply on May 29, 2017 6:17 PM by tiagoferreira

    MOVE MP SVM Manager contacting tor network

    tiagoferreira

      Hey guys,

       

      I deployed MOVE MP at a costumer network, and recently I discovered something rather interesting, and suspicious. The SVM Manager is trying to contact a server via ntp port. The server is listed as a tor network. My firewall bloqued the request since this is a WannaCry indicator. You can see a print bellow:

       

       

      This network has no internet access and this is the only server with this behaviour. I am using SVM Manager OVF version 4.5.0.211.

       

      Any explanation or sugestions about this??

       

      Thanks