I updated my Distro 14 yesterday to all the latest modules and now our OpenDNS (Cisco Umbrella) is rejecting some traffic. Is this legitimate traffic that I should whitelist or do I need to investigate further.
Time Resp. Destination Category Identity
12:45:30 Blocked pool.sks-keyservers.net Malware, Computer… PBX LDAP (pbxldap…
12:42:33 Blocked pool.sks-keyservers.net Malware, Computer… PBX LDAP (pbxldap…
Yes those are legitimate servers. They are GPG/PGP public key servers used for opengpg which is used as part of module signing. It seems silly that would be flagged.
side note this should NOT affect signature checking as it should failover.
// List of well-known keyservers.
private $keyservers = array(
"pool.sks-keyservers.net", // This should almost always work
"hkp://keyserver.ubuntu.com:80", // This is in case port 11371 is blocked outbound
"pgp.mit.edu", // Other random keyservers
"keyserver.pgp.com", // Other random keyserver
); // Yes. sks is there twice.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.