cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Who Me Too'd this topic

"Informational" threat has default action of "drop-reset"

L1 Bithead

Threat 30861 "Microsoft Windows Server Service NetrServerGetInfo Opnum 21 Access Attempt" has a severity level of "Informational" but a default action of "drop-reset".  Is it common for such a low sev level threat to have such a drastic response?  It seems like all of the others that I've spot checked have had an "alert" response.

 

It's an older threat from 2009 that was updated in May 2017, maybe something related to that?

Who Me Too'd this topic