11-03-2005 10:27 AM - edited 03-09-2019 12:55 PM
I HAVE A CSA RULE FOR ICMP TO DENY "pre V4.5 description: Detect network scans and SYN flood attacks" MY RULE NUMBER 940 WHICH I BELIEVE DOESN'T MEAN ANYTHING SPECIFIC.
WHEN I SET IT TO DENY AND NOT LOG. I AM STILL RECEIVING SERVAL MESSAGES PER MINUTE.
ANY THOUGHTS
THANKS IN ADVANCE
11-03-2005 07:41 PM
Is the group in test mode? In test mode rules under that group will always log, regardless of the setting. The theory is that if you're testing something you want to see it logging, and when you later take it out of test mode the logging will be off as you have set.
11-07-2005 11:17 AM
These are servers that are out of test mode.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide