Hello, I would like to write a firewall rule to drop all SSLv2 traffic attempting to travel through our UTM because of the DROWN vulnerability . We have a couple of servers susceptible to the attack and it would be nice to first block the attack at…

Hi, So I have kind of fixed the slow ssl/openvpn issue, but I can't seem to find a way to put the exception in. - Part 1 of the fix was to disable the UDP flood protection - get 1.5-2mbit (otherwise caps out ~0.5mbit) - Part 2 disable IPS get full…

I am trying to add rules into the custom.rules file and added the inclusion for the custom.rule file to snort.conf include $RULE_PATH/astaro.rules include $RULE_PATH/custom.rules however any modifications to chrooted files revert back upon restart of…

Hi, I'm new to the forum, but I've been reading up a bit on the Sophos UTM IPS performance issues - which I am experiencing, and looking for suggestions on how to possibly improve this problem. I have a 100mbps down/15mpbs up cable connection with 3…

I was consistently pulling down 100Mbits with my UTM 9.35 until last week. I can't say for sure if it was a pattern update or a firmware update, but I noticed that my speed tests were topping out at about 45Mbit down. I started poking around my cable…

Hi, I had 2 attacks blocked, it is a bummer that I can't drill down on the actual text, but I found more detail in the "Network Protection" menu under "IPS: Top Blocked Attacks" I can figure out the host inside that tried to send the packet out…