https://community.sophos.com/products/unified-threat-management/astaroorg/f/110/t/70281
same problem i am facing ,till now i have to disable ipv6 for astaro.org access problem but today i just want to test ipv6 and found the same problem
as search with astro search and found my prv post was closed
id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="WEB-MISC Multiple vendor Antivirus magic byte detection evasion attempt" group="500" srcip="2620:0100:e000:0000:0000:0000:0000:8001" dstip="2002[:D]b40:5bfd:0000:0000:0000:0000:0001" proto="6" srcport="80" dstport="48422" sid="17276" class="Attempted User Privilege Gain" priority="1" generator="1" msgid="0"
2011:07:16-16:37:59 acenn snort[8869]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="WEB-MISC Multiple vendor Antivirus magic byte detection evasion attempt" group="500" srcip="2620:0100:e000:0000:0000:0000:0000:8001" dstip="2002[:D]b40:5bfd:0000:0000:0000:0000:0001" proto="6" srcport="80" dstport="48445" sid="17276" class="Attempted User Privilege Gain" priority="1" generator="1" msgid="0"
2011:07:16-16:37:59 acenn snort[8869]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="WEB-MISC Multiple vendor Antivirus magic byte detection evasion attempt" group="500" srcip="2620:0100:e000:0000:0000:0000:0000:8001" dstip="2002[:D]b40:5bfd:0000:0000:0000:0000:0001" proto="6" srcport="80" dstport="48446" sid="17276" class="Attempted User Privilege Gain" priority="1" generator="1" msgid="0"
2011:07:16-16:38:01 acenn snort[8869]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="WEB-MISC Multiple vendor Antivirus magic byte detection evasion attempt" group="500" srcip="2620:0100:e000:0000:0000:0000:0000:8001" dstip="2002[:D]b40:5bfd:0000:0000:0000:0000:0001" proto="6" srcport="80" dstport="48452" sid="17276" class="Attempted User Privilege Gain" priority="1" generator="1" msgid="0"
2011:07:16-16:40:11 acenn snort[8869]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="WEB-CLIENT obfuscated javascript excessive fromCharCode - potential attack" group="320" srcip="2620:0100:e000:0000:0000:0000:0000:8001" dstip="2002[:D]b40:5bfd:0000:0000:0000:0000:0001" proto="6" srcport="80" dstport="55551" sid="15362" class="Misc activity" priority="3" generator="1" msgid="0"
thx
