Hi,
I receive multiple message like this and Im worrying:
Someone can said me what happens? It's an attack?
I don't know if is relationed with WSUS.
Thank you so much!
I receive multiple message like this and Im worrying:
Quote:
|
Intrusion Prevention Alert An intrusion has been detected. The packet has been dropped automatically. You can toggle this rule between "drop" and "alert only" in WebAdmin. Details about the intrusion alert: Message........: FILE-OTHER RealNetworks Netzip Classic zip archive long filename buffer overflow attempt Details........: Snort :: Time...........: 2013-02-21 17:48:01 Packet dropped.: yes Priority.......: high Classification.: Attempted User Privilege Gain IP protocol....: 6 (TCP) Source IP address: 217.212.239.25 (217-212-239-25.customer.teliacarrier.com) - Professional Toolset | DNSstuff - Database Query - http://ws.arin.net/cgi-bin/whois.pl?...217.212.239.25 - APNIC - Query the APNIC Whois Database Source port: 80 (http) Destination IP address: x.x.x.x - Professional Toolset | DNSstuff - Database Query - http://ws.arin.net/cgi-bin/whois.pl?queryinput=x.x.x.x - APNIC - Query the APNIC Whois Database Destination port: 49357 |
I don't know if is relationed with WSUS.
Thank you so much!