irctraffic

Explanation

The irctraffic NDM is a network event that scans network traffic for IRC chat messages, IRC server connections, and IRC file transfers. If it detects any of these activities, it triggers an alert. This is a port based detection and may not necessarily be IRC traffic, it may just be ephemeral to ephemeral traffic that is occuring on the network.

What to Look For

If you receive an alert for the irctraffic NDM, you should examine network traffic for any IRC chat messages, IRC server connections, or IRC file transfers. It is important to investigate these activities thoroughly to determine if they are legitimate or malicious. Additionally, you should be aware that this is a port based detection and could be triggered by other types of traffic, not just IRC.