This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPS don't drop !

Dear all!

i'm testing fuction IPS of ASG,

---[ISP]----[ASG]---[Mailserver]

i use software "DosHttp" to attack Webserver. ASG log it, but don't drop.

"2009:11:18-04:52:20 MS-ASTARO ulogd[3984]: id="2103" severity="info" sys="SecureNet" sub="ips" name="SYN flood detected" action="SYN flood" fwrule="60012" seq="0" initf="eth1" outitf="unknown" dstmac="00:1a:8c:19:0f:81" srcmac="00:00:00:00:00:00" srcip="192.168.1.31" dstip="192.168.0.3" proto="6" length="48" tos="0x00" prec="0x00" ttl="128" srcport="2685" dstport="80" tcpflags="SYN"

Why? please help me?

This thread was automatically locked due to age.

Parents

0 BAlfson over 11 years ago

Hi, vdkhoa83, and welcome to the User BB!

Like BarryG says, please show a representative line copied from the IPS log file, not a picture like the originator of this thread.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 11 years ago

Hi, vdkhoa83, and welcome to the User BB!

Like BarryG says, please show a representative line copied from the IPS log file, not a picture like the originator of this thread.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data