Jump to content

Disable 'Incoming.Attack.Generic' Warning


pronto

Recommended Posts

Servus Community,

in another thread regarding this 'Disable.Attack.Generic' warning we found a place in the policies where this warning can be disabled but the setting seems not to work because these warnings are still logged. See the attached screenshots.

Thx & Bye Tom

Bildschirmfoto 2020-02-24 um 16.38.07.png

Bildschirmfoto 2020-02-24 um 16.39.59.png

Link to post
Share on other sites
  • Administrators

So what would you like to achieve? If malware or threat is detected, ESET should neither display an alert nor log the detection? That's really not a good thing, it must be always logged at least.

The solution is to determine the root cause of detection and take measures to prevent it.

Link to post
Share on other sites
4 hours ago, Marcos said:

The solution is to determine the root cause of detection and take measures to prevent it.

Servus,

the detections run on two Exchange Server 2016. These are brute force attacks that are applied to the virtual directories of Exchange IIS. I can't get out of this, if OWA and Active Sync should be accessible via the Internet. The problem is not unknown, and we used to use a reverse proxy to prevent it, but we don't have that anymore since Microsoft stopped it's TMG support.

Our goal now is not to prevent these detections but we don't need to have every single successfully blocked attack in our log. This makes the log confusing and trains people to ignore warnings because they think they know what is behind it. An error or warning should be a rare event and every single one should get full attention. This is not possible if you know in advance what to expect in 95% of the warnings.

If there is another solution that we have not yet considered, we would be interested to have a look at it...

Thx & Bye Tom

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...