Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 854 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

since we have updated to 9.0040-we see these from two email servers

Barry_Foss
INDICATOR-COMPROMISE IRC channel notice on non-standard port
Details........: Snort ::
Time...........: 2012-11-14 11:34:35
Packet dropped.: no
Priority.......: high
Classification.: A Network Trojan was detected IP protocol....: 6 (tcp)

the emails look ok,  didn't want to disable the rule if it means something, can someone give me some detail on this or let me know if you need more info


This thread was automatically locked due to age.
Parents
  • 0
    That error message shouldn't be triggered by email.  Can you determine from the logs whether an email was being sent or if this had to do with the conversation around sending the email to the SMTP Proxy?

    This might be worth opening a Support ticket.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    That error message shouldn't be triggered by email.  Can you determine from the logs whether an email was being sent or if this had to do with the conversation around sending the email to the SMTP Proxy?

    This might be worth opening a Support ticket.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?