Multiple attacks showing in SEPM
We are using SEPM 11.0.6. We have a server that is continually being attacked. We understand that Symantec is doing its job and blocking the attack, but is there any way to get it to stop happening?
We're going on 5 straight days of attacks. It would've been more, but we shut the server down over the weekend.
It seems to be the same 4 attacks over and over with different IP addresses: OS Attack: MS Windows Server Service RPC Handling CVE-2008-4250, OS Attack: MS Windows Server Service NetAPI CVE-2006-3439, OS Attack: MS RPCSS Attack CVE-2004-0116 2, and SMB Guest Login.
We tried to install all the Microsoft patches listed in the various articles, but it didn't seem to help. Is there anything else we can do to stop the attacks?