Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
G_W_Albrecht
Legend
Legend
Jump to solution

1550 hosts encountered an exploit attempt

CheckPoint SmartView is a good tool for log reviews with its templates like Attacks Allowed by Policy. During IPS profile testing on the 1550 - you had to limit IPS protections in a special SMB profile with the older Embedded GAiA models while 1550 / R80.20 now has a TP policy like all GAiA GWs do - i also used SmartView. This gave me an odd encounter i would not have expected: hosts encountered an exploit attempt ! Have a look:

list.png

 

 

 

 

 

 

The 1550 FifteenFifty 😊 is managed by SMS7520 🙃 and set to send Security  Logs and Syslog there. Seems not to be easy with Syslog, though:

card.png

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Matthaeus 5:30:

And if thy right hand offend thee, cut it off, and cast it from thee 😎

CCSE CCTE CCSM SMB Specialist
1 Solution

Accepted Solutions
G_W_Albrecht
Legend
Legend

Now these messages have vanished from SmartView...

CCSE CCTE CCSM SMB Specialist

View solution in original post

0 Kudos
1 Reply
G_W_Albrecht
Legend
Legend

Now these messages have vanished from SmartView...

CCSE CCTE CCSM SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events