IDP
All Replies
-
Hi Balazs.
Are these problems fixed in firmware v4.60?
Regards
Wojtek
0 -
-
Thank you for the information.
Regards
Wojtek
0 -
4,6 has a big problem with RDP brute force attack recognition.
0 -
I have a bad IP: 185.193.88.29. Information about the IP: https://www.abuseipdb.com/check/185.193.88.29
Screenshots - crop1 and crop2.
In the screenshots we can see the attack time and the time on the victim computer.
This activity has continued over the last week, and the Flex 200 doesn't identify or block the attack or the attacker.
Sorry for my language, my native language is Russian.
4.60 or 4.55 - it doesn't matter.
0 -
Hi @Pavel
The IDP function inspects the content of OSI layer 4~7 packets for malicious data.
If malicious data is detected in the packets, they will be blocked by the IDP function.
From your screenshot, it looks like the traffic is legal but with a wrong password.
You may change your service port on the WAN side (port forwarding rule) to prevent this kind of attack.
Stanley
0 -
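The reply above says the traffic looks legitimate apart from the wrong password, so a check that counts attempts per source rather than inspecting packet content is sketched here as an added example (not part of the thread and not Zyxel's or Suricata's code). The log format, the threshold of 5 attempts in 60 seconds, the function name and the sample lines are assumptions constructed for illustration; only the address 185.193.88.29 comes from the thread.

```python
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample firewall log: ISO timestamp, source IP, destination port.
# 203.0.113.7 is a documentation address standing in for a legitimate user.
SAMPLE_LOG = """\
2021-03-01T10:00:01 185.193.88.29 3389
2021-03-01T10:00:02 203.0.113.7 3389
2021-03-01T10:00:03 185.193.88.29 3389
2021-03-01T10:00:05 185.193.88.29 3389
2021-03-01T10:00:06 203.0.113.7 443
2021-03-01T10:00:07 185.193.88.29 3389
2021-03-01T10:00:09 185.193.88.29 3389
2021-03-01T10:00:11 185.193.88.29 3389
2021-03-01T10:05:00 203.0.113.7 3389
truncated line
"""


def find_bruteforce_sources(log_text, port=3389, max_attempts=5, window_seconds=60):
    """Return {source_ip: time the threshold was first reached}.

    Assumes lines arrive in time order, as in a live firewall log.
    """
    recent = defaultdict(deque)  # per-source timestamps inside the window
    flagged = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed or truncated lines
        try:
            ts = datetime.fromisoformat(parts[0])
            dport = int(parts[2])
        except ValueError:
            continue
        if dport != port:
            continue
        attempts = recent[parts[1]]
        attempts.append(ts)
        # Drop attempts that have aged out of the sliding window.
        while (ts - attempts[0]).total_seconds() > window_seconds:
            attempts.popleft()
        if len(attempts) >= max_attempts and parts[1] not in flagged:
            flagged[parts[1]] = ts
    return flagged


if __name__ == "__main__":
    for src, when in find_bruteforce_sources(SAMPLE_LOG).items():
        print(f"{src} reached the RDP attempt threshold at {when.isoformat()}")
```

A source that spaces its attempts wider than the window stays under the threshold, so the window and count need tuning against real traffic.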
Zyxel_Stanley said:
Hi @Pavel
The IDP function inspects the content of OSI layer 4~7 packets for malicious data.
If malicious data is detected in the packets, they will be blocked by the IDP function.
From your screenshot, it looks like the traffic is legal but with a wrong password.
You may change your service port on the WAN side (port forwarding rule) to prevent this kind of attack.
Easy: redirect the port to pfSense (Suricata) - the attacker is blocked.
Maybe something needs to be changed in the USG?
0 -
Hi @Pavel
In the IDP service, there are many signatures related to Remote Desktop attacks. Is there any IDP detection log showing up while your RDP was attacked?
Stanley
0 -
Yes. Many, many, many signatures.
BUT IDP does not detect.
dash - attacker IP and RDP service
mikrot - forwards packets to the computer
victim, victim2, victim3 - screenshots from the target computer
P.S.
Small question - why is Microsoft Remote Desktop in the Linux FreeBSD platform?)))))))))))))))
In the Russian forum there is no answer.))))))))))
0