This message was deleted.
# neuvector-security
a
This message was deleted.
q
hmmm. 🤔 is it possible to create a custom group that represents these? What kind of security event is it?
p
DNS.Zone.Transfer. It looks like it created network rules already to permit the DNS protocol from the container to the 'external' group, but that hasn't stopped the events for the zone transfers.
q
Would you mind screen-cap’ing that event? 🙂
p
Sure:
q
oh yes, that’s right… this is one of the built-in attack alerts.
this may sound annoying/weird, but you may need to make a Response Rule to squelch that in your instance
p
OK. I can do that - thanks!
q
maybe confine it to the group or groups affected. 🙂
p
Yeah, I'll narrow it down to the specific application and external address - there shouldn't be anything else that does this.
q
Yeah. NV has a few things that it’s all “_This is A Very Bad Thing™ and you can’t change my mind about it”_. 😄
💯 1