This message was deleted.
# neuvector-securitya
adamant-kite-43734
04/26/2023, 1:40 PMThis message was deleted.
q
quaint-candle-18606
04/26/2023, 1:41 PMhmmm. đ¤ is it possible to create a custom group that represents these? What kind of security event is it?
p
prehistoric-advantage-39331
04/26/2023, 1:43 PMDNS.Zone.Transfer. It looks like it created network rules already to permit the DNS protocol from the container to the 'external' group, but that hasn't stopped the events for the zone transfers.
q
quaint-candle-18606
04/26/2023, 1:44 PMWould you mind screen-capâing that event? đ
p
prehistoric-advantage-39331
04/26/2023, 1:45 PMSure:
q
quaint-candle-18606
04/26/2023, 1:47 PMoh yes, thatâs right⌠this is one of the built-in attack alerts.
quaint-candle-18606
04/26/2023, 1:48 PMthis may sound annoying/weird, but you may need to make a Response Rule to squelch that in your instance
p
prehistoric-advantage-39331
04/26/2023, 1:48 PMOK. I can do that - thanks!
q
quaint-candle-18606
04/26/2023, 1:48 PMmaybe confine it to the group or groups affected. đ
p
prehistoric-advantage-39331
04/26/2023, 1:49 PMYeah, I'll narrow it down to the specific application and external address - there shouldn't be anything else that does this.
q
quaint-candle-18606
04/26/2023, 1:50 PMYeah. NV has a few things that itâs all â_This is A Very Bad Thing⢠and you canât change my mind about itâ_. đ
đŻ 1
13 Views