Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
hilalwani
Explorer

Received unknown DDOS traffic from outside and firewall accepted it

Guys,

This morning I've received some  unknown outside traffic from this IP 172.81.61.147 to inside and the firewall accepted it by implied access rule with rule number 0. having a source port 39640 and a service FW1_ica_services (TCP/18264).

The outside-to-inside policy is already in place which is denying the external unknown traffic, but I wonder how it was accepted by the firewall.

Can anyone clarify it and help to avoid such unknown DDOS traffic coming from outside 

0 Kudos
1 Reply
Lesley
Leader Leader
Leader

https://support.checkpoint.com/results/sk/sk99076

https://support.checkpoint.com/results/sk/sk52421

https://support.checkpoint.com/results/sk/sk32682

Would not recommend to close this port 18264

Since DDOS can happen on any port not only 18264 here is something interesting for you regarding DDOS topic:

https://support.checkpoint.com/results/sk/sk112241

-------
If you like this post please give a thumbs up(kudo)! 🙂

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events