Guest User!
You are not Sophos Staff.
Hi,
Im starting to get "SCAN Zgrab Scanning Attempt Detected" alerts, I understand who would use these, however how do I stop the alerts as they are ~+ Im sure
Hello Paul Johnson1,
Thank you for reaching out the community, are you able to see the log lines "SCAN Zgrab Scanning Attempt Detected" under the IPS logs under the log viewer ?
If so, can you confirm whether the traffic was logged and dropped OR logged and allowed ? Are you using ATP module too ?
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
can you share the log viewer > IPS logs ?
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
