Endpoint Protection Small Business Edition

 View Only

  • 1.  Security risk report

    Posted Mar 04, 2011 02:10 AM
      |   view attached

    Hi,

    Please look at the attchment. Last 2 days I am getting this report.

    Can anyone please give me a small explanation? That will be very helpful for me to take necessary steps.

    Thankx in advance.



  • 2.  RE: Security risk report

    Posted Mar 04, 2011 06:59 AM

    you need to check the two attacking host, are they printers , routers?

    https://www-secure.symantec.com/connect/forums/what-difference-between-top-sources-attack-and-risk-distribution-attacker#comment-2653991



  • 3.  RE: Security risk report

    Posted Mar 04, 2011 08:30 AM

    You may also be able to get more information about what is occuring by opening Monitors>Logs within the SEPM. Select Log type: Network Threat Protection & Log content: Attacks. Also ensure that you have a time range selected that would include the time frame that these attacks were logged in the report you have received.



  • 4.  RE: Security risk report

    Posted Mar 09, 2011 07:02 PM

    Do you recognise these  ip addresess?

    10.1.20.131
    110.1.155.229

     

    If you  think that these are the  computers, in your network, then, scan these  computer, with latest  SEP Definitions. You can also run sep support  tool-loadpoint  on these.

     

    If these  IP addressess are  not of your  network, then you  czan simply  block these  IP adddresses..



  • 5.  RE: Security risk report

    Posted May 08, 2011 10:14 AM

    Hi,

    Sorry for very late answer.

    I can't recognize those IP, but in "HR1" in "Top Targets attacked by clients" section, is my networks Laptop.

    So, from where I'll block those IP, from that laptop?

    ~r