Jump to content

Archived

This topic is now archived and is closed to further replies.

pronto

Firewall in ESET Mail Security

Recommended Posts

Servus Community,

we have added two Exchange Server 2016 to our infrastructure this week and are currently analyzing the behavior of the servers. The Exchange infrastructure is accessible via HTTPS over the Internet and today we saw three warnings in EMC that we can't unambiguously interpret now.

It indicates that the firewall has detected some attacks but not what has been done about them. The warnings are listed as unresolved. Probably they are just brute force attacks on the login of the Exchange Command Panel but what makes us suspicious is that we did not knowingly install a firewall. We only installed the Management Agent and the Mail Security.

Is there more information where this firewall comes from now and a best practice tutorial on how to best handle it? And how should we proceed with these unresolved threats?

Thx in advance & Bye Tom

Bildschirmfoto 2019-12-19 um 11.36.56.png

Bildschirmfoto 2019-12-19 um 11.22.34.png

Bildschirmfoto 2019-12-19 um 11.24.49.png

Share this post


Link to post
Share on other sites
4 hours ago, pronto said:

Probably they are just brute force attacks on the login of the Exchange Command Panel but what makes us suspicious is that we did not knowingly install a firewall.

EMS has IDS protection. I believe your brute force attack assumption is correct and that is what Eset IDS detected.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...