08-25-2010 11:57 AM
When the Threat log shows a vulnerability, is this an actual attack of this vulnerability or is this something that is using software that has this vulnerability?
Trying to determine when to act on the vulnerability (i.e. block).
If a critical level vunerability is an actual attack then it would be no brainer to just block it but if the vulnerability is just potential to be an attack then blocking could be a problem for legitimate traffic. I need help in understanding what the vulnerability log is telling me.
Thanks.
Crill
03-18-2024 10:05 AM
@QLogicAdmin wrote:
Can this response be further clarified please?
sjain wrote:
When you see a threat log corresponding to a vulnerability, it means that our firewall detected some network traffic that could be intended to take advantage of the corresponding vulnerability i.e., an actual attack.
I take this to mean that just because there is traffic intended to attack a vulnerability does not mean that the system being attacked actually has that vulnerability. Is that correct?
Thanks,
Keith
@QLogicAdmin I wish this point of clarification was made. This is the exact question that I have, even 10 years later.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
