IDP
All Replies
-
Hi Balazs.
Are these problems fixed in firmware v4.60?
Regards
Wojtek
0 -
-
Thank you for the information.
Regards
Wojtek
0 -
4,6 has a big problem with RDP brute force attack recognition.
0
-
I have a bad IP - 185.193.88.29. Information about the IP: https://www.abuseipdb.com/check/185.193.88.29
Screenshots - crop1 and crop2.
In the screenshots we can see the attack time and the time on the victim computer.
This activity has been continuing for the last week, and the Flex 200 doesn't identify or block the attack or the attacker.
Sorry for the language, my native language is Russian.
4.60 or 4.55 - it doesn't matter.
0 -
Hi @Pavel
The IDP function examines the content of OSI layer 4~7 packets for malicious data.
If malicious data is detected in the packets, they will be blocked by the IDP function.
From your screenshot, it looks like the traffic is legal but with a wrong password.
You may change your service port on the WAN side (port forwarding rule) to prevent this kind of attack.
0 -
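The point in the reply above is that each failed login is protocol-valid traffic, so a content signature has nothing to match and detection has to count attempts per source instead. The following is an added example, not part of the thread and not Zyxel or Suricata code; the log format, addresses, port and thresholds are assumptions constructed for illustration, and the log is assumed to be in time order.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: firewall-style log of new TCP connections to the
# forwarded RDP port (format and addresses are made up for this example).
SAMPLE_LOG = """\
2020-06-01T10:00:00 203.0.113.7 3389
2020-06-01T10:00:05 203.0.113.7 3389
2020-06-01T10:00:09 198.51.100.20 3389
2020-06-01T10:00:12 203.0.113.7 3389
2020-06-01T10:00:20 203.0.113.7 3389
2020-06-01T10:00:31 203.0.113.7 3389
2020-06-01T10:05:00 198.51.100.20 3389
2020-06-01T10:20:00 198.51.100.20 3389
"""

def find_bruteforce_sources(log_text, port=3389, max_attempts=5, window_s=60):
    """Return {src_ip: first time it reached max_attempts new connections
    to `port` within any sliding window of `window_s` seconds}."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)   # src_ip -> timestamps still inside the window
    flagged = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or not parts[2].isdigit():
            continue              # skip malformed lines
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue              # skip lines with an unparseable timestamp
        src, dport = parts[1], int(parts[2])
        if dport != port:
            continue
        q = recent[src]
        q.append(ts)
        while ts - q[0] > window:  # drop attempts that fell out of the window
            q.popleft()
        if len(q) >= max_attempts and src not in flagged:
            flagged[src] = ts      # candidate for a block rule on the firewall
    return flagged

if __name__ == "__main__":
    for ip, when in find_bruteforce_sources(SAMPLE_LOG).items():
        print(f"{ip} exceeded the connection-rate threshold at {when.isoformat()}")
```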
Zyxel_Stanley said:
Hi @Pavel
The IDP function examines the content of OSI layer 4~7 packets for malicious data.
If malicious data is detected in the packets, they will be blocked by the IDP function.
From your screenshot, it looks like the traffic is legal but with a wrong password.
You may change your service port on the WAN side (port forwarding rule) to prevent this kind of attack.
Easy: redirect the port to pfSense (Suricata) - the attacker is blocked.
Maybe something needs to be changed in the USG?
0 -
Hi @Pavel
In the IDP service, there are many signatures related to Remote Desktop attacks. Is there any IDP detection log showing up while your RDP was attacked?
0 -
Yes. Many, many, many signatures.
BUT IDP does not detect.
dash - attacker IP and RDP service
mikrot - forwards the packet to the computer
victim, victim2, victim3 - screenshots from the target computer
P.S.
Small question - why is Microsoft Remote Desktop in the Linux FreeBSD Platform? )))))))))))))))
In the Russian forum there is no answer. ))))))))))
0