C2/Generic-A FP

Hi,

C2/Generic-A triggered when I was trying to talk to a VPS that we have rented off-net (and which we've been renting for the best part of a year at this point, but which I guess I only just tried to talk to from behind a Sophos UTM).

How can I get the false positive removed from the database?

Phil


This thread was automatically locked due to age.
  • Today's log file shows:

    2015:06:17-00:25:57 astaro1-2 ulogd[26352]: id="2022" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped (ATP)" action="drop" fwrule="63001" initf="eth0" threatname="C2/Generic-A" srcmac="00:3e:e1:be:16:79" dstmac="00:1a:8c:f0:84:40" srcip="192.168.1.10" dstip="195.154.233.66" proto="17" length="136" tos="0x00" prec="0x00" ttl="64" srcport="51816" dstport="6881" 
    
    2015:06:17-00:25:57 astaro1-2 ulogd[26352]: id="2022" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped (ATP)" action="drop" fwrule="63001" initf="eth0" threatname="C2/Generic-A" srcmac="00:3e:e1:be:16:79" dstmac="00:1a:8c:f0:84:40" srcip="192.168.1.10" dstip="195.154.233.66" proto="17" length="136" tos="0x00" prec="0x00" ttl="64" srcport="51816" dstport="6881" 
    2015:06:17-03:40:51 astaro1-2 ulogd[26352]: id="2022" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped (ATP)" action="drop" fwrule="63001" initf="eth0" threatname="C2/Generic-A" srcmac="00:3e:e1:be:16:79" dstmac="00:1a:8c:f0:84:40" srcip="192.168.1.10" dstip="195.154.233.66" proto="17" length="136" tos="0x00" prec="0x00" ttl="64" srcport="51816" dstport="6881" 


    Anywhere to look for more info?

    Thanks, James.
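
An added example, not part of the original posts: a small Python parser for log lines in the format shown above that groups ATP drops by threat name, internal source, destination, protocol and port, which shows which host triggered the detection and how often. The sample lines are constructed, and the function names are this example's own.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample in the same key="value" layout as the log above;
# host name and addresses (documentation ranges) are made up for the example.
SAMPLE_LOG = """\
2015:06:17-00:25:57 utm ulogd[100]: id="2022" sub="packetfilter" name="Packet dropped (ATP)" action="drop" fwrule="63001" threatname="C2/Generic-A" srcip="192.0.2.10" dstip="198.51.100.66" proto="17" srcport="51816" dstport="6881"
2015:06:17-03:40:51 utm ulogd[100]: id="2022" sub="packetfilter" name="Packet dropped (ATP)" action="drop" fwrule="63001" threatname="C2/Generic-A" srcip="192.0.2.10" dstip="198.51.100.66" proto="17" srcport="51816" dstport="6881"
2015:06:17-04:00:00 utm ulogd[100]: id="2001" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" srcip="192.0.2.11" dstip="198.51.100.7" proto="6" srcport="40000" dstport="23"
"""

LINE_RE = re.compile(r"^(\d{4}:\d\d:\d\d-\d\d:\d\d:\d\d) \S+ \S+: (.*)$")
FIELD_RE = re.compile(r'(\w+)="([^"]*)"')
PROTO = {"1": "icmp", "6": "tcp", "17": "udp"}  # IANA protocol numbers


def parse_line(line):
    """Return the key="value" fields of one log line plus a parsed 'ts', or None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = dict(FIELD_RE.findall(m.group(2)))
    rec["ts"] = datetime.strptime(m.group(1), "%Y:%m:%d-%H:%M:%S")
    return rec


def summarize_atp_drops(text):
    """Group lines carrying a threatname by (threat, src, dst, proto, dstport)."""
    flows = defaultdict(lambda: {"count": 0, "first": None, "last": None})
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None or "threatname" not in rec:
            continue  # unparsable line or an ordinary firewall drop
        proto = rec.get("proto", "?")
        port = rec.get("dstport")  # absent for protocols without ports
        key = (rec["threatname"], rec.get("srcip"), rec.get("dstip"),
               PROTO.get(proto, proto), int(port) if port else None)
        f = flows[key]
        f["count"] += 1
        f["first"] = min(f["first"] or rec["ts"], rec["ts"])
        f["last"] = max(f["last"] or rec["ts"], rec["ts"])
    return dict(flows)


if __name__ == "__main__":
    for key, f in summarize_atp_drops(SAMPLE_LOG).items():
        print(key, f["count"], f["first"], f["last"])
```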