NTP attack not blocked, WHY?
Updated: 21 Sep 2010 | 1 comment
Can someone tell me why SEP is not blocking (and instead allowing) this traffic, which it clearly identifies as malicious? I don't see any particular settings under NTP where I can configure default response..
http://i41.tinypic.com/33pbinq.png
discussion Filed Under:
Comments
hi
the default action for this SID is allow,if you want to block it
go to policies
intrusion prevention policy
click on exceptions, click on add
look for the sid
highlight that click next, select block, if you have already blocked it please post a screen shot.
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
Would you like to reply?
Login or Register to post your comment.