abnormal udp traffic detected, source port is zero, DROP (port53)
Options
All Replies
-
So its blocked what are you trying to do? stop it logging the block?0
-
yep,
I dont know why I'm alerted if my port is closed (and Log denied traffic is set to no)
0 -
Its logging due to it being set in security policy > ADP > profile tab
0 -
Hi @ktv
Those logs were generated by UDP abnormal traffic protection of ADP.
So, even you disable DNS UDP port 53 session on security policy, those similar log messages still can be seen.
If you don’t want to see them you may navigate Configuration > Security Policy > ADP and set "Traffic Anomaly", "Protocol Anomaly" Log to “no”.
Hope this can help you.
0
Categories
- All Categories
- 397 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 52 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 332 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 880 Nebula FAQ
- 415 Security FAQ
- 221 Switch FAQ
- 195 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 63 Security Highlight