Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
r1der
Advisor
Jump to solution

Command Injection Over HTTP Payload

Hello,

During my https inspection testing, I found out my computer was "Prevented" from the following attack: Command Injection Over HTTP Payload protection. I believe it is a false positive since my Microsoft Outlook started having issues sending. I created a TP exception for it and MS Outlook seems to be fine again.
Should I be reporting false positives like this to support? What would I provide? A packet capture?

logcard.png

logcard2.png

Thanks!

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

False Positives need to be reported to TAC, correct.
In addition to the usual information (cpinfo output), a packet capture would most definitely be helpful.

View solution in original post

1 Reply
PhoneBoy
Admin
Admin

False Positives need to be reported to TAC, correct.
In addition to the usual information (cpinfo output), a packet capture would most definitely be helpful.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events