Jump to content

Intucom

Members
  • Posts

    5
  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Ok, good to hear. Thank you for your help. Is it possible to explain the cause/reason of this "blacklisting"?
  2. Hi, apparently one of our clients cannot send any Network packets to the domain mmc.at nor the subdomains mailscan02.mmc.at, mailscan01.mmc.at (Mail-Servers). MMC are Hosting-Providers and our exchange-servers cannot send to any mails to this domain. Can you please remove the block of this domain? Or explain why this domain and subdomains are blocked. One interesting thing: when DNS-resolving one of the affected Domain names we are getting 127.42.0.x DNS-Name Resolutions back - thus failing all requests to that domain. How is this exactly working? Is this the intended way to block "mailicious" websites/domains? Also i cannot get to fix this DNS-query so it will point to the correct IP-Addresses. Kind Regards, INTUCOM
  3. According to @knguyen1, who sent me a direct message. It IS a bug, which will be fixed in an upcoming version update. For us, it is sufficient enough to know that those are just false positives, so we do not need to disable this warning. If you want to disable this you can reach out to @knguyen1. I will mark this topic as solved.
  4. Hi @all, we are using Endpoint Protection for our Windows Server 2019 machines. Since last week we are receiving several "Exploit"-Detections (see attached screenshot) on different machines on different networks in regular intervals (all affected machines have TerminalServer-Services enabled and more than 20 users are working on them). Thankfully those "Exploits" are getting blocked, but obviously the cause cannot be removed or suppressed - which is quite unfortunate. The "Location"-Attribute of the detections is making me nervous (ComSpec=C:\Windows\system32\cmd.exe seems pretty dangerous) - any idea how to track down the cause or the corrupt program/file (if there is any)? Any idea how to prevent those Exploit-Detections? Thanks in advance
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.