Hi,
I'm using a Sophos UTM in my home lab and since some weeks I get the following mails from the UTM (VMware Appliance 9.714-4):
The packet below
Src: 192.168.1.168:1205 {wifiap} Dst: 139.9.27.141:21 (TCP)
matched this filter rule: application violation
filter info: FTP: active FTP requested from 192.168.1.168 - not allowed
I have no active net 192.168.1. and I think it comes from a Docker or a failed config on a client but I don not find the source. So I want to look at the logs but do not find this in any log. So where this a application violation comes from and how can I stop sending a mail for this event?
Thanks for any hint, Steffen
This thread was automatically locked due to age.