We are having some vulnerability scans on our network, which has triggered an alert:
"Intrusion Prevention Info; [SID: 20511] HTTP CGI Test Request detected. Traffic has been allowed from this application: C:\Windows\System32\ntoskrnl.exe"
Is there any way to block this traffic? Or is there a good reason why it wasn't blocked? I can't find anything in Intrusion Prevention or Firewall that seems to specifically allow this.
Any insight would be appreciated