Omnia 
Ally Member
Comments
-
Hi @Zyxel_Tina , we have all sfp port full… i cannot move… sorry.. The switch are in a datacenter (18 °).
-
ok, so we can manage this issue without move the SFP or there isn't solution? we can try to move switch and separate the switch by one rack unit each other?
-
@Vagabound can you check signature version?
-
maybe it's a signature update… this crash this is ok… difference it's only app patrol signature
-
we similar problem, with 2 atp 200, we have 2fa actived with google auth… it's impossible to reach it after reboot all is down
-
Hi @Zyxel_Melen, because we have a false positive during a ftps file trasfer: we have set sensibility in "low" but we continue to receive drop packet.
-
I think there is an day 0. Maybe something related to the web page. Close all access from wan it's only way to be secured ( maybe).
-
Hi, we have the same. the problem was that the password are compromised from 5.37/5.38 vulnerability. We have changed all password after the update to 5.39. we have close access to administration page to our ip, Geo-ip defence sslvpn and 2fa for all the user.…
-
@Deuba check when they have create the user from secureporter, in other case we see they have created the user/admin and have delete it after use
-
Hi @Deuba, we have a similar incident, but they have gained access from a SSLVPN user with the right password. Maybe they have created the user in the pass, when you don't have the 2fa? there is other admin without 2fa? maybe you can check event in secureporter to check when they create the user.
-
https://community.zyxel.com/en/discussion/comment/71128#Comment_71128 @Deuba if you haven't change password after the update, the password could be retrive in the past using 5.38 CVE or later
-
@deuba Did you have admin web-page open or with geoip? did you have change password in the last 2 months?
-
we have the same issue and persist after reboot
-
We have the same!
