Jump to content

Alerts about "security vulnerability explotation attempt"


Recommended Posts

Hello everyone, 

Im using ESET remote administrator and deploying ESET Endpoint/Server Security on my machines, im having MailEnable server,

Im getting alot of alerts about "security vulnerability explotation attempt" 

the process name is - C:\Program Files (x86)\Mail Enable\Bin64\MESMTPC.exe - MailEnable SMTP Connector

 

i reached out MailEnable and got an answer " theres no vulnerability from our side" and closed my ticket, 

the question is, is there any way i can investigate this? cause im talking about 100+ alerts per day, its getting blocked by my FW\Eset blacklisted IPs, but still, is there anyway i can validate theres no vulnerability from my side? 

any help would be appreciated, thanks !

Link to comment
Share on other sites

  • Administrators

My understanding is that the server is exposed to the Internet and not being behind a firewall that would allow only the necessary communication along with SMTP. As a result, it's being targeted by attackers and these attempts are detected and blocked by ESET's network protection. Please provide logs collected with ESET Log Collctor on the server.

Link to comment
Share on other sites

  • Most Valued Members

If this server has to be faced to the internet , it's better to have a good hardware/virtual machine firewall protecting it which could stop all these attempts in the firewall level, for example Fortinet or Palo-Alto NGFW which can help in that case , for now the one stopping the attacks is ESET , when you have a firewall like this , you will add another layer of protection and those attacks will be held by the firewall.

Even if the software is up-to-date and for now as the developers said there are no zero-days but that won't stop the attempts to scan for vulnerabilities and a one might appear one day.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...