So our project allows Facebook interaction. Mars sends out this Incident Event type every time someone attaches to Facebook. Is this something I can just False Positive out or should I be concerned about it? What is Facebook sending back to our network so we get this message on Mars?
Which device is sending this alert to MARS? If it's an IPS sensor, check the description of the signature to see what kind of behavior will trigger the alert. To see what Facebook is sending back to your network, you can do a sniffer trace and analyze the packets.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...