https://community.sophos.com/sophos-xg-firewall/f/discussions/101710/question-on-default-action-for-intrusion-protection-ruleI recently noticed some activity flagged as attacks on the XG Dashboard. Clicking on it indicated that the packets were allowed. I looked through the IPS policies to find the applicable rule, which was this one: Apple QuickTime traf Atom Out-Of-Boundsen-USTelligent Community 12https://community.sophos.com/thread/369412?ContentTypeID=1Mon, 02 Apr 2018 08:12:39 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:60192941-411e-4066-bd25-fca586882836dma0<p>Thank you MBP.&nbsp;</p><div style="clear:both;"></div>https://community.sophos.com/thread/369405?ContentTypeID=1Mon, 02 Apr 2018 06:03:07 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:d40bc16e-26ff-4dd8-8d3f-e16ae9d52ebaLuCar Toni<p>Hi,</p> <p>Just a small summery to this IPS Rule:</p> <p><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3668">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3668</a></p> <p><a href="https://www.snort.org/rule_docs/1-35860">https://www.snort.org/rule_docs/1-35860</a></p> <p><a href="http://telussecuritylabs.com/threats/show/TSL20150827-01">http://telussecuritylabs.com/threats/show/TSL20150827-01</a></p> <p>Its fixed since around about 2 years.</p> <p>&nbsp;</p> <p>Cheers</p><div style="clear:both;"></div>