Comments
-
No need, I already did. This says nothing about blocking all egress traffic except to a specific IP range or service. It just describes blocking by source, not destination.
-
Current level:
-
Thank you, @TonyA. The odd thing is we have seen very few syn flood attacks in the actual event log, and nothing from our client IPs during this time frame. We only noticed individual packets dropping when running the packet capture. Those don't seem to end up in the event log. Here is an example of one of those packet…