Should I be worried that when I click on some of the TLS fingerprints in ntopng it takes me to a ssl abuse website and a few of the TLS fingerprints show as blacklisted for malware? I can't seem to find exactly what app is using these TLS certs, and I don't see any flagged IP's being connected to. Is there a way to see a connection between the fingerprints in the TLS tab of ntopng and a remote server IP or something so I can get an idea of what connections are using them?
No comments:
Post a Comment