I set this to drop as you can see in the picture attached.
But I get emails like this:
An intrusion has been detected. The packet has *not* been dropped.
If you want to block packets like this one in the future, set the corresponding intrusion protection rule to "drop" in WebAdmin.
Be careful not to block legitimate traffic caused by false alerts though.
Details about the intrusion alert:
Message........: SCAN Potential SSH brute force attempt inbound
.....
Why this ????
Regards,
Alex
This thread was automatically locked due to age.
