Zyxel ATP800 not responding Botnet problem

Infosetel2020

Hello,

We have a Zyxel ATP 800 that is detecting a computer with a Botnet connection problem.
The ATP 800 detects the problem in that computer, but what is happening with the ATP800 is that it does not respond to web access and stops working until the Zyxel ATP800 is restarted.

The firmware version is 5.37 (ABIQ.0)

Connections to that Botnet-infected computer have been limited to 500 sessions, and the problem still occurs: the Zyxel ATP800 stops responding and reboots.

We need to connect that computer with Botnet infection to be able to solve it as we have an EDR solution for antivirus control, but it is not possible because in less than 5 minutes, the ATP800 stops working with this computer.

We have extracted the debug files in order to analyse them.

Awaiting your news,

Thank you,

Juan Antonio
