Jump to content

Unresolved Detection -> Action: Blocked


Recommended Posts

Servus Community,

I have conflicting information on several detections in our Exchange Server. There are three unresolved detections logged, but theaction type  is indicated as blocked. What exactly is my to do now?

Thx & Bye Tom

Bildschirmfoto 2022-09-19 um 14.47.24.png

Edited by pronto
misstyping
Link to comment
Share on other sites

If you haven't applied the latest Microsoft security patches, you need to do ASAP. Exchange server vulnerabilities are at the top of the list of exploits being deployed by hackers.

Edited by itman
Link to comment
Share on other sites

12 hours ago, itman said:

If you haven't applied the latest Microsoft security patches, you need to do ASAP. Exchange server vulnerabilities are at the top of the list of exploits being deployed by hackers.

Thank you for your attention. Okay, the security patch from August was missing, we are up to date with the CU. But why does a match with an IP blacklist produce a red error? According to my information, ESET itself partly does not know which vulnerability was tried to be exploited. So far, they were always shown as resolved when the connection was finaly blocked.

Thx in advanced & Bye Tom

Link to comment
Share on other sites

  • Administrators

The IP is a known source of attacks: https://www.abuseipdb.com/check/91.72.187.242

Looks like the target and source IP addresses are swapped in the console, please check it direct on the client and report it to technical support, if they are swapped.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...