attack source 0.0.0.0

Regular Member

attack source 0.0.0.0

Hello, can U pls tell me how should I interpret Internet Shield Status where:

 

Latest attack service is - Unknown

and
Latest attack source is  0.0.0.0 

 

I have this message window from time to time on my hosts. It looks like someone is scannig my network. Is there any place in f-secure logs where I can find more information about this attack?

 

 

4 REPLIES 4
F-Secure
F-Secure

Re: attack source 0.0.0.0

Hello kallstrom,

 

What F-Secure product/version do you have?

Most likely, more detailed information can be found in Firewall debug logs and packet logs.

Please, contact support for instructions how to collect them if needed.

 

Best regards,

Vad

Regular Member

Re: attack source 0.0.0.0

ok, I have created support request.

 

I use PMS 11.30 and FCS 11.00

 

I have already found more information from client machine:

Protocol scan (137<protocol<224)
In
Protocol 139

F-Secure
F-Secure

Re: attack source 0.0.0.0

Please, note, that we made several improvements in Internet shield since version 11.00. I would recommend you to upgrade to the latest version 11.61.

 

Best regards,

Vad

Highlighted
Aspirant

Re: attack source 0.0.0.0

Hi all,

 

I am hosting an F-Secure environment (PM v12.00) and mostly 11.61 FSCS .

In total there are about 5000 clients in this solution but in one specific office we notice this same issue.

As a bypass we can disable netbios in the Wins config of windows... but as you can imagine this would be a pain to do manually on 5000 clients... is there an easy way to quiet this alert for the end-users at least?

 

thanks

 

Jelle