Hi, I'd like to see if I can get some help understanding what's going on here, and what to do about it with the following alerts I'm getting (I blanked the IPs below). The snort page returns no results. Although each packet is being dropped, this has been going on all day. I've tried blocking the source IP, but that didn't work, and that may just be because I don't understand the alert, or because I'm not blocking it correctly.
*********************************
Intrusion Prevention Alert
An intrusion has been detected. The packet has been dropped automatically.
You can toggle this rule between "drop" and "alert only" in WebAdmin.
Details about the intrusion alert:
Message........: SERVER-OTHER SSL request for export grade ciphersuite attempt
Details........: https://www.snort.org/search?query=33777
Time...........: 2015-03-20 11:53:15
Packet dropped.: yes
Priority.......: high
Classification.: Potential Corporate Privacy Violation IP protocol....: 6 (TCP)
Source IP address: 12.x.x.x
Source port: 443 (https)
Destination IP address: 192.168.x.x
Destination port: 51043
This thread was automatically locked due to age.
