abnormal udp traffic detected, source port is zero, DROP (port53)
All Replies
-
So its blocked what are you trying to do? stop it logging the block?0
-
yep,
I dont know why I'm alerted if my port is closed (and Log denied traffic is set to no)
0 -
Its logging due to it being set in security policy > ADP > profile tab
0 -
Hi @ktv
Those logs were generated by UDP abnormal traffic protection of ADP.
So, even you disable DNS UDP port 53 session on security policy, those similar log messages still can be seen.
If you don’t want to see them you may navigate Configuration > Security Policy > ADP and set "Traffic Anomaly", "Protocol Anomaly" Log to “no”.
Hope this can help you.
Don't miss this great chance to upgrade your Nebula org. for free! https://bit.ly/4g2pS9L
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 218 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 245 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3.1K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight