Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

false positive?

We had these log entries this morning when we came in. I think this is a false positive. But I don't want to exclude this cloud id yet. Can anyone confirm that this is a false positive? We looked at the event log and concluded that it was Microsoft update + microsoft defender.

12/03/2023 07:28:05 - 809 - Security Services - Alert - 104.110.191.184, 80, X1 - 10.0.0.6, 58617, X2:V2 - Gateway Anti-Virus Alert: (Cloud Id: 67452589) XPACK.GEN (Trojan) blocked.

12/03/2023 07:28:05 - 809 - Security Services - Alert - 104.110.191.184, 80, X1 - 10.0.0.6, 58618, X2:V2 - Gateway Anti-Virus Alert: (Cloud Id: 67452589) XPACK.GEN (Trojan) blocked.

12/03/2023 07:28:15 - 809 - Security Services - Alert - 104.110.191.184, 80, X1 - 10.0.0.6, 58620, X2:V2 - Gateway Anti-Virus Alert: (Cloud Id: 67452589) XPACK.GEN (Trojan) blocked.

12/03/2023 07:28:15 - 809 - Security Services - Alert - 104.110.191.184, 80, X1 - 10.0.0.6, 58621, X2:V2 - Gateway Anti-Virus Alert: (Cloud Id: 67452589) XPACK.GEN (Trojan) blocked.

12/03/2023 07:28:18 - 809 - Security Services - Alert - 104.110.191.198, 80, X1 - 10.0.0.6, 58622, X2:V2 - Gateway Anti-Virus Alert: (Cloud Id: 67452589) XPACK.GEN (Trojan) blocked.

12/03/2023 07:28:28 - 809 - Security Services - Alert - 104.110.191.198, 80, X1 - 10.0.0.6, 58624, X2:V2 - Gateway Anti-Virus Alert: (Cloud Id: 67452589) XPACK.GEN (Trojan) blocked.

12/03/2023 07:43:19 - 809 - Security Services - Alert - 2.18.121.202, 80, X1 - 10.0.0.7, 49992, X2:V2 - Gateway Anti-Virus Alert: (Cloud Id: 67452589) XPACK.GEN (Trojan) blocked.

12/03/2023 07:43:19 - 809 - Security Services - Alert - 2.18.121.71, 80, X1 - 10.0.0.7, 49993, X2:V2 - Gateway Anti-Virus Alert: (Cloud Id: 67452589) XPACK.GEN (Trojan) blocked.

12/03/2023 07:43:29 - 809 - Security Services - Alert - 2.18.121.202, 80, X1 - 10.0.0.7, 49999, X2:V2 - Gateway Anti-Virus Alert: (Cloud Id: 67452589) XPACK.GEN (Trojan) blocked.

12/03/2023 07:43:29 - 809 - Security Services - Alert - 2.18.121.71, 80, X1 - 10.0.0.7, 49998, X2:V2 - Gateway Anti-Virus Alert: (Cloud Id: 67452589) XPACK.GEN (Trojan) blocked.

12/03/2023 07:43:33 - 809 - Security Services - Alert - 2.18.121.71, 80, X1 - 10.0.0.7, 50000, X2:V2 - Gateway Anti-Virus Alert: (Cloud Id: 67452589) XPACK.GEN (Trojan) blocked.

12/03/2023 07:43:43 - 809 - Security Services - Alert - 2.18.121.71, 80, X1 - 10.0.0.7, 50002, X2:V2 - Gateway Anti-Virus Alert: (Cloud Id: 67452589) XPACK.GEN (Trojan) blocked.

12/03/2023 07:43:43 - 809 - Security Services - Alert - 104.110.191.184, 80, X1 - 10.0.0.7, 50005, X2:V2 - Gateway Anti-Virus Alert: (Cloud Id: 67452589) XPACK.GEN (Trojan) blocked.

Category: Firewall Security Services
Reply

Answers

Sign In or Register to comment.