Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Sajenthiran_Mic
Contributor

Gateway and Management logs

We use multiple checkpoint gateways ... we have times where we try to decode the logging entries.

We had recent log entries, which stated that a server has used network communication on port 1027(ICKiller).

A Windows Trojan!! https://threatwiki.checkpoint.com/threatwiki/public.htm

Now the research on the Server using an Antivirus - tool could not find any suspected infection.

According to checkpoint are the security gateways detects suspicious communication based on signature inside the packet. Is that the case even when Antivirus Blade is not active? Is the default Intrusion Detection System able accurately to identify threats

 

0 Kudos
5 Replies
This widget could not be displayed.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events