FSCS12 firewall warnings.

Dear Sirs,

One of our customers has a computer running F-Secure Client Security 12.00 that is not connected to the corporate LAN. It only has Wi-Fi access to a router, for connection to the public net. The computer regularly logs incidents like these:

Date: 2015-10-15 09:10:57+02:00
Host: 192.168.0.78
User account: computername\username
Product: F-Secure Anti-Virus Internet Shield (OID: 1.3.6.1.4.1.2213.25)
Severity: warning (2)
TrapNumber: 601
Parameters:
(0) 139
(1) 0
(2) 0
(3) 0.0.0.0
(4) Intrusion attempt detected

Is this something worth investigating / fixing?

I think 139 (TCP) is "Microsoft NetBIOS session services" or the "Windows File sharing and network printers access" service in F-Secure Internet Shield parlance.

Thanks in advance, Yours Sincerely:
Tamas Feher, 2F 2000 Kft., Hungary.

Find more posts tagged with

Comments

AndYkh

Hi etomcat,

We do apologize as there was a misunderstanding that the fix will be ready in the next version. R&D will integrate the fix ASAP but we have not confirmed whether is it in the next release.

Best Regards,
Andy Yoon

andyYkh

Hi etomcat,

Sorry for the late reply. Have checked with R&D about the progress and the fix will be in the coming version of FSCS 12. For the time being, disabling IDS/IPS is just a temporary workaround.

Thank you.

Best Regards,
Andy Yoon

..........................................................................................................................................................................................................................
Has somebody helped you? Say thanks by giving kudos. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.

etomcat

Up!

etomcat

Dear Andy,

Please give us a status update regarding this problem. Disabling the IDS/IPS is not an acceptable long-term solution.

Thanks in advance, Yours Sincerely:
Tamas Feher, 2F 2000 Kft., Hungary.

andyYkh

Hi etomcat,

We are aware of the issue and R&D is taking a look into it. The current workaround available for the issue is to disable IDS to avoid the warnings.

Thanks.
Best Regards,
Andy Yoon

..........................................................................................................................................................................................................................
Has somebody helped you? Say thanks by giving kudos. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.