Strange Attacks Showing in Analytics
tubadave17
Newbie ✭
Is anyone else using Analytics 2.5 on-prem and seeing weird messages the the attacks log? I'm seeing messages labeled "S" or some have a question mark unicode character. (see the attachment) I have a support ticket open with SonicWALL, but I'm tired of going a week between responses. We're using an NSa 2700.
Hope I'm not alone in this!
Category: Firewall Management and Analytics
0
Answers
Based on the logs it appears those are Amazon IP addresses. You may want to check your firewall to see if its logs provide more data on that alert. I do not know of any other cases that were opened on a similar issue.
I researched it with the firewall logs and it appears TCP FIN Scans are showing up as a question mark/diamond character in Analyzer.