BOTNETS Not Being Blocked.
Created: 12 Aug 2010 | Updated: 01 Oct 2010 | 3 comments
This issue has been solved. See solution.
On our Gateway I am monitoring about 12 different attacks from an IP from Russia using FTP. The Gateway says it is monitoring the Botnet but not blocking it. I have verified that this IP is not a good one. How come out Gateway isn't blocking this?
Discussion Filed Under:
Group Ownership:
Comments 3 Comments • Jump to latest comment
Came across this KB article which seems to cover this:
http://service1.symantec.com/SUPPORT/ent-gate.nsf/...
Cheers,
Kevin
Thanks. Will check it out. Found out that even though they are flagged as botnets they sometimes are not and that is why it just monitors for a while.
I did block the IP to russia. Figured that wasn't a good ip anyway. :)
Very help-full documents. but if swg is inline monitor mode and boots tab is blocking,
so is to be possible all active bots is block. why i am asking this bcoz i got boots in SWG report this are still active and monitoring. and i am using inline monitoring mode.
Would you like to reply?
Login or Register to post your comment.