Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1295
Views
0
Helpful
2
Replies

LOG messages

Spinu Viorel
Level 1
Level 1

‎11-26-2008 06:56 AM - edited ‎03-11-2019 07:18 AM

Can u please tell me what these messeges say?

1) %APPFW-4-HTTP_DEOBFUSCATE: Sig:14 Deobfuscation signature detected - HTTP deobfuscation detected IDS evasion technique from 172.31.0.71:15909 to 4.71.209.4:80

2) %APPFW-4-HTTP_STRICT_PROTOCOL: Sig:15 HTTP protocol violation detected - HTTP Protocol not detected from 172.31.5.148:2901 to 72.30.186.249:80

thank u

Labels:
0 Helpful
2 Replies 2

torchris
Level 1
Level 1

‎11-26-2008 03:23 PM

sure

It is an attack

0 Helpful

ariesc_33
Level 1
Level 1

‎11-26-2008 08:13 PM

looks like the attack is coming from the internal network. go check which pc or server is 172.31.0.71 and scan for spyware or worm infection.

for the mean while, you may block this IP to stop it spreading.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card