R W
asked on
Probable TCP NULL Firewall Alert
We have a third party company that scans and alerts us of our syslogging however once in a while something comes up that I can't really describe.
Probable TCP NULL scan detected
System Affected(DIP):
UID IP SIP DIP Dport
STLinternet
10.2.2.25
10.1.1.77
10.2.2.25
80
10.2.2.25 is our hardware firewall. 10.1.1.77 is our SIEM EIQ. Could someone help me make sense of this alert?
Probable TCP NULL scan detected
System Affected(DIP):
UID IP SIP DIP Dport
STLinternet
10.2.2.25
10.1.1.77
10.2.2.25
80
10.2.2.25 is our hardware firewall. 10.1.1.77 is our SIEM EIQ. Could someone help me make sense of this alert?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER