To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

attack source 0.0.0.0

kallstrom
kallstrom Posts: 25 Security Scout

Hello, can U pls tell me how should I interpret Internet Shield Status where:

 

Latest attack service is - Unknown

and
Latest attack source is  0.0.0.0 

 

I have this message window from time to time on my hosts. It looks like someone is scannig my network. Is there any place in f-secure logs where I can find more information about this attack?

 

 

Comments

  • Vad
    Vad Posts: 1,069 Cybercrime Crusader

    Hello kallstrom,

     

    What F-Secure product/version do you have?

    Most likely, more detailed information can be found in Firewall debug logs and packet logs.

    Please, contact support for instructions how to collect them if needed.

     

    Best regards,

    Vad

  • kallstrom
    kallstrom Posts: 25 Security Scout

    ok, I have created support request.

     

    I use PMS 11.30 and FCS 11.00

     

    I have already found more information from client machine:

    Protocol scan (137<protocol<224)
    In
    Protocol 139

  • Vad
    Vad Posts: 1,069 Cybercrime Crusader

    Please, note, that we made several improvements in Internet shield since version 11.00. I would recommend you to upgrade to the latest version 11.61.

     

    Best regards,

    Vad

  • JelleH
    JelleH Posts: 17 Security Scout

    Hi all,

     

    I am hosting an F-Secure environment (PM v12.00) and mostly 11.61 FSCS .

    In total there are about 5000 clients in this solution but in one specific office we notice this same issue.

    As a bypass we can disable netbios in the Wins config of windows... but as you can imagine this would be a pain to do manually on 5000 clients... is there an easy way to quiet this alert for the end-users at least?

     

    thanks

     

    Jelle

This discussion has been closed.

Categories