hi,
I started using endpoint protection/advanced thread protetion during this beta, so I'm posting it here.
On a regular basis I get the following mail alert from UTM
-------------------------------
Details about the alert:
Threat name....: C2/Generic-A
Details........: C2/Generic-A - Viruses and Spyware - Web Threat, Virus and Spyware Detection and Removal | Sophos - Threat Center - Cloud Antivirus, Endpoint, UTM, Encryption, Mobile, DLP, Server, Web, Wireless Security, Network Storage and Next-Gen Firewall Solutio
Time...........: 2014-01-27 14:46:15
Traffic blocked: yes
Internal source IP address or host: 192.168.1.10
-------------------------------
The dashboard reports this:
User/Host Threat Name Destination Events Origin
1 192.168.1.10 C2/Generic-A 4pda.ru 2 DNS
I did a full scan of the mentioned machine and all other machines using Sophos Virus Removal Tool, but no issues are found. On the machine itself the endpoint protection isn't installed (it's a domain controller and hyper-v server).
Franc.
Guest User!
You are not Sophos Staff.
