abnormal udp traffic detected, source port is zero, DROP (port53)
All Replies
-
So its blocked what are you trying to do? stop it logging the block?0
-
yep,
I dont know why I'm alerted if my port is closed (and Log denied traffic is set to no)
0 -
Its logging due to it being set in security policy > ADP > profile tab
0 -
Hi @ktv
Those logs were generated by UDP abnormal traffic protection of ADP.
So, even you disable DNS UDP port 53 session on security policy, those similar log messages still can be seen.
If you don’t want to see them you may navigate Configuration > Security Policy > ADP and set "Traffic Anomaly", "Protocol Anomaly" Log to “no”.
Hope this can help you.
0
Categories
- All Categories
- 347 Beta Program
- 2.1K Nebula
- 115 Nebula Ideas
- 77 Nebula Status and Incidents
- 5K Security
- 44 USG FLEX H Series
- 246 Security Ideas
- 1.2K Switch
- 64 Switch Ideas
- 900 WirelessLAN
- 33 WLAN Ideas
- 5.8K Consumer Product
- 204 Service & License
- 326 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.8K FAQ
- 832 Nebula FAQ
- 402 Security FAQ
- 219 Switch FAQ
- 190 WirelessLAN FAQ
- 45 Consumer Product FAQ
- 136 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 71 About Community
- 61 Security Highlight