Hi guys,
my firewall(R55) not always but sometimes reject (in
smartDefebse) CIFS nbsession
here is the complete info from the log
Product: Smart Defense
Attack: Name CIFS worm
Action: Reject
Service: nbsession
Source: 192.168.1.2 (only this secure_remote user)
Destination: email server
Protocol: TCP
Information: CIFS worm pattern detected \lsarpc
is this CIFS (Common Internet File System) which uses
port 139 NETBIOS session or is it a worm?
how can I prevent this from happening, and why is it
happening?
thanks,
Sam
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
