SEP RU6 UDP FLOOD ISSUE!
Created: 18 May 2010 | 3 comments
Starting with Symantec Endpoint Protection RU6 and continuing in RU6A, the "UDP Flood Attack" threshold is set too low. Denial of Service notices\responses are being triggered to cause an Active Response block for legitimate DNS servers. Adding an exception is not a valid solution since we can not add exceptions for every users home network. One of the two following solutions should be implemented:
•Increase the threshold
•Allow the customer to have an option to set this threshold manually
Discussion Filed Under:
Comments 3 Comments • Jump to latest comment
@ JD,
Yeah, it's a known issue. Please see this thread:
https://www-secure.symantec.com/connect/forums/sep...
I had to disable the DoS protection until Symantec releases a fix.
Mike
Disabled DoS now vulnerable until Symantec provides fix!
DoS vulnerabilities in Firefox Internet Explorer Chrome Opera and other browsers reported on security website!
Where is the fix Symantec?
Would you like to reply?
Login or Register to post your comment.