This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Advanced Tread Protection

Hello, I have multiple messages in Advanced Tread Protection.

2023:06:22-03:43:37 xxx ulogd[13536]: id="2022" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped (ATP)" action="drop" fwrule="63001" initf="eth0" threatname="C2/Generic-A" srcmac="c4:65:16:12:c5:f4" dstmac="7c:5a:1c:61:d3:d4" srcip="10.40.10.3" dstip="209.197.3.8" proto="6" length="52" tos="0x00" prec="0x00" ttl="128" srcport="50975" dstport="80" tcpflags="SYN" 

The IP 209.197.3.8 belongs to hwcdn.net and is a part of Microsoft Update Network.

Have I false positive messages or is it a Problem I should be concerned about?

Greetings

Tom



This thread was automatically locked due to age.
Parents Reply Children
No Data