[9.165][ANSWERED] How ATP works ?

Is it possible to have a small presentation about how ATP works ?

What are the expected behaviour in the graphical interface and in the logs if you have an ATP present in your network ?

Do you know how we can test this features in details ?

Parents

0 bastienb over 11 years ago

It works after the reboot...

2013:11:06-17:06:01 naxos afcd[7687]: id="2022" severity="warn" sys="SecureNet" sub="packetfilter" name="Packet dropped (ATP)" srcip="10.10.10.100" dstip="176.34.160.144" fwrule="63001" proto="6" threatname="C2/Generic-A" status="1" host="sophostest.com" url="/highrisk" action="drop"

I have restarted all modules first but only the reboot made something.

Do you still want the log files ?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 bastienb over 11 years ago

It works after the reboot...

2013:11:06-17:06:01 naxos afcd[7687]: id="2022" severity="warn" sys="SecureNet" sub="packetfilter" name="Packet dropped (ATP)" srcip="10.10.10.100" dstip="176.34.160.144" fwrule="63001" proto="6" threatname="C2/Generic-A" status="1" host="sophostest.com" url="/highrisk" action="drop"

I have restarted all modules first but only the reboot made something.

Do you still want the log files ?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

0 dna over 11 years ago in reply to bastienb

It works after the reboot...

2013:11:06-17:06:01 naxos afcd[7687]: id="2022" severity="warn" sys="SecureNet" sub="packetfilter" name="Packet dropped (ATP)" srcip="10.10.10.100" dstip="176.34.160.144" fwrule="63001" proto="6" threatname="C2/Generic-A" status="1" host="sophostest.com" url="/highrisk" action="drop"

I have restarted all modules first but only the reboot made something.

Do you still want the log files ?

Yes, maybe i can track down the reason with help of the logs.
Anyways, thanks for testing :-)
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel