Hi, I am a SOC Analyst who is working with one of my clients. I was doing a port inspection and noticed a high number of outbound requests on UDP 3050. They all seem to be about 500 bytes. No traffic is witnessed inbound.
The client believes this traffic is coming from their wireless access point. The client states that they are running:
- on-premises Hive Manager Software Version: 8.2r2c
- AP model AP250 running HiveOS 8.0r1.162054
The client has reported that these are older Manager and Firmware models, and plans to upgrade.
Any help in identifying this traffic and stopping it would be greatly appreciated.
P.S. I’m guessing the Sub-Forum. Please let me know if I need to move this post to the proper forum.