This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Carpet Bombed with email alerts

Hi there,

I am a new administrator that has inherited a Sophos UTM 9 installation and we are getting thrashed with port scan alerts. I suspect this is just script kiddies that are now on holiday trying to find a way in, but we are getting hundreds of alerts from the same device for the same source IP.

Is there a way to reduce the amount of alerts that are sent, or the frequency of alerts ( eg, every 50th scan) so I can reduce the amount of alert spamming?

Regards,
New Guy

This thread was automatically locked due to age.

Parents

0 BarryG over 11 years ago

Hi, iirc portscan comes before firewall rules. Not sure about Country Blocking.

Barry
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BarryG over 11 years ago

Hi, iirc portscan comes before firewall rules. Not sure about Country Blocking.

Barry
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data