Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
flowbit noalert blocked?
« previous
next »
Print
Pages: [
1
]
Author
Topic: flowbit noalert blocked? (Read 1275 times)
derhelge
Newbie
Posts: 14
Karma: 1
flowbit noalert blocked?
«
on:
March 06, 2023, 01:00:23 pm »
Hi,
using os-etpro-telemetry there a lot blocked entries in /ui/ids#alerts:
Alert ETPRO EXPLOIT Microsoft Protected Extensible Authentication Protocol RCE xbits set, noalert (CVE-2023-21690)
Alert sid 2853519
From my understanding, these packages should not be blocked? But the table says "blocked"?
Logged
featheredfifth
Newbie
Posts: 6
Karma: 0
Re: flowbit noalert blocked?
«
Reply #1 on:
April 20, 2023, 05:16:32 am »
Hi,
I don't understand ETPRO EXPLOIT well yet. Can someone explain in more detail.
funny shooter 2
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
flowbit noalert blocked?