Quantcast
Channel: Symantec Connect - Products - Ideas
Viewing all articles
Browse latest Browse all 1891

Web Attack: Fake Tech Support Website 295 attack blocked

$
0
0

Hi

When SEP are logging an Intrusion Prevention Critical 24 event.. 

Two things:

1. The event is more "informational" since there is no way of getting the nessecary information to act on it.

2. We need mote information: Web Attack: Fake Tech Support Website 295 attack blocked. Traffic has been blocked for this application: C:\WINDOWS\SYSTEM32\DNS.EXE - Since the traffic is blocked inbound to the DNS - we have noe trace on it for the URL/records beeing requested. And the Symantec logging is not showing any information about the URL/Record blocked.. 

We need mote insight in what have been blocked. 

TechSupport Case: Case Number 28986369

Regards,

Audun


Viewing all articles
Browse latest Browse all 1891

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>