1 Reply Latest reply on Mar 7, 2011 4:41 AM by mirrorless

    network intrustion problem -help

       

       

      Dear all

      On EPO threat event log, I currently have  this event with the information below

      Event description: Host intrusion detected and hanled
      Event Category: Network intruion detected
      Event ID: 18001
      Action Taken:Blocked

      The affected port is TCP 88.

      See snapshot  below:

       

      The problem I have here is that the source threat address is an SQL Server while the threat is detected on a desktop pc.

      I have been searching for ways on how to approach and deal with this but have not found any article addressing this.

      Any ideas or links on pdf documents that will help resolve this will be appreciated.

      Snap_2010.12.28 13.41.38_015.png