Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Strange Attacks Showing in Analytics

Is anyone else using Analytics 2.5 on-prem and seeing weird messages the the attacks log? I'm seeing messages labeled "S" or some have a question mark unicode character. (see the attachment) I have a support ticket open with SonicWALL, but I'm tired of going a week between responses. We're using an NSa 2700.

Hope I'm not alone in this!


Category: Firewall Management and Analytics
Reply

Answers

  • jwardjward SonicWall Employee

    Based on the logs it appears those are Amazon IP addresses. You may want to check your firewall to see if its logs provide more data on that alert. I do not know of any other cases that were opened on a similar issue.

  • I researched it with the firewall logs and it appears TCP FIN Scans are showing up as a question mark/diamond character in Analyzer.

Sign In or Register to comment.