Anti-Beacon is missing a Windows 10 telemetry behavior
I have SB-AB 1.2 installed with full protection enabled.
However while looking at my f/w, which is running snort to detect suspect and known threats, in the logs I see the following:
Code:
Date Pri Proto Class Src Port Dest Port SID Desc
2018-06-09 03:00:20 3 TCP Misc activity 192.168.0.101 63707 40.80.145.27 80 1:2025275 ET INFO Windows OS Submitting USB Metadata to Microsoft
2018-06-09 03:00:20 3 TCP Misc activity 192.168.0.101 63707 40.80.145.27 80 1:2025275 ET INFO Windows OS Submitting USB Metadata to Microsoft
2018-06-09 03:00:20 3 TCP Misc activity 192.168.0.101 63707 40.80.145.27 80 1:2025275 ET INFO Windows OS Submitting USB Metadata to Microsoft
2018-06-09 03:00:20 3 TCP Misc activity 192.168.0.101 63707 40.80.145.27 80 1:2025275 ET INFO Windows OS Submitting USB Metadata to Microsoft
Looks like the latest Windows update major release added something.