https://live.paloaltonetworks.com/t5/general-topics/reverse-direction-in-threat-logs/m-p/28290#M20667 <HTML><HEAD></HEAD><BODY><P>When looking at the threat logs the vulnerability for spyware shows my servers as the attacker in the outbound direction. I have an inbound/outbound anti spyware policy and it caught jboss trying to access my network. Why does it show my servers as the attacker in the logs when the connection was initiated from the outside?</P></BODY></HTML> Thu, 25 Apr 2013 21:38:31 GMT das 2013-04-25T21:38:31Z https://live.paloaltonetworks.com/t5/general-topics/reverse-direction-in-threat-logs/m-p/28290#M20667 <HTML><HEAD></HEAD><BODY><P>When looking at the threat logs the vulnerability for spyware shows my servers as the attacker in the outbound direction. I have an inbound/outbound anti spyware policy and it caught jboss trying to access my network. Why does it show my servers as the attacker in the logs when the connection was initiated from the outside?</P></BODY></HTML> Thu, 25 Apr 2013 21:38:31 GMT https://live.paloaltonetworks.com/t5/general-topics/reverse-direction-in-threat-logs/m-p/28290#M20667 das 2013-04-25T21:38:31Z https://live.paloaltonetworks.com/t5/general-topics/reverse-direction-in-threat-logs/m-p/28291#M20668 <HTML><HEAD></HEAD><BODY><P>Hello Das,</P><P></P><P>Is there any proxy involved on this traffic. Logs shows servers IP?</P></BODY></HTML> Thu, 25 Apr 2013 21:44:18 GMT https://live.paloaltonetworks.com/t5/general-topics/reverse-direction-in-threat-logs/m-p/28291#M20668 wesa 2013-04-25T21:44:18Z https://live.paloaltonetworks.com/t5/general-topics/reverse-direction-in-threat-logs/m-p/28292#M20669 <HTML><HEAD></HEAD><BODY><P>There are no proxies that i know of.&nbsp;&nbsp;&nbsp;&nbsp; </P></BODY></HTML> Thu, 25 Apr 2013 22:05:57 GMT https://live.paloaltonetworks.com/t5/general-topics/reverse-direction-in-threat-logs/m-p/28292#M20669 das 2013-04-25T22:05:57Z https://live.paloaltonetworks.com/t5/general-topics/reverse-direction-in-threat-logs/m-p/28293#M20670 <HTML><HEAD></HEAD><BODY><P><SPAN style="color: #000000; font-family: Arial, Helvetica, sans-serif; font-size: 12px; background-color: #e3f3ff;">The Threat could be triggered by request or response packet.</SPAN></P><P><SPAN style="color: #000000; font-family: Arial, Helvetica, sans-serif; font-size: 12px; background-color: #e3f3ff;">Check the Direction in the session/ log details by clicking the magnifying glass icon alongside&nbsp; the log in question.</SPAN></P><P><SPAN style="color: #000000; font-family: Arial, Helvetica, sans-serif; font-size: 12px; background-color: #e3f3ff;"><BR /></SPAN></P><P><SPAN style="color: #000000; font-family: Arial, Helvetica, sans-serif; font-size: 12px; background-color: #e3f3ff;">-Ameya<BR /></SPAN></P></BODY></HTML> Thu, 25 Apr 2013 23:45:10 GMT https://live.paloaltonetworks.com/t5/general-topics/reverse-direction-in-threat-logs/m-p/28293#M20670 UhMayYeah 2013-04-25T23:45:10Z