Started receiving the following notification yesterday. I don't understand why this is coming up with the source being the outside IP of the UTM. Is there another log file I should be reviewing to find out if there is an infected host on our network?
Not sure if this helps or not but software version 9.306-6
afcd_784_: id=_2022_ severity=_warn_ sys=_SecureNet_ sub=_packetfilter_ name=_Packet dropped _ATP__ srcip=_OutsideIPofUTM_ dstip=_192.240.167.185_ fwrule=_63001_ proto=_6_ threatname=_Troj/Dluca-BM_ status=_1_ host=_commonname.com_
This thread was automatically locked due to age.
