Ziggino
asked on
F-Secure reports its receiving tcp 139 with source and destination address equal vlan interface brodacast address. Any ideas of what can causing this?
We quite often receive alarms from F-Secure FW saying its blocking malicious traffic on tcp 137 from source address VLAN/subnet broadcast address. (10.140.XXX.255) as both source and destination address.
Does anybody know what can be the reason for this and how to find the source?
Does anybody know what can be the reason for this and how to find the source?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.