11-26-2008 06:56 AM - edited 03-11-2019 07:18 AM
Can u please tell me what these messeges say?
1) %APPFW-4-HTTP_DEOBFUSCATE: Sig:14 Deobfuscation signature detected - HTTP deobfuscation detected IDS evasion technique from 172.31.0.71:15909 to 4.71.209.4:80
2) %APPFW-4-HTTP_STRICT_PROTOCOL: Sig:15 HTTP protocol violation detected - HTTP Protocol not detected from 172.31.5.148:2901 to 72.30.186.249:80
thank u
11-26-2008 03:23 PM
sure
It is an attack
11-26-2008 08:13 PM
looks like the attack is coming from the internal network. go check which pc or server is 172.31.0.71 and scan for spyware or worm infection.
for the mean while, you may block this IP to stop it spreading.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide