IAM - Host launches DoS attack against external network

syedjahanzaib Lv1Posted 22 Nov 2022 13:36

I am seeing few alerts from my trusted workstations (which have updated antivirus / antimalware installed)

PFA atached image.

Time:11-18 14:08:42
Username:
10.11.18.19
Group:
-
Protocol:UDP
URL/Directory:
-
Src IP:
10.11.18.19
Src Port:64167
Dst IP:
224.0.0.252
Dst Port:5355
Threat Level:High
Action:Alert
Description:
Host launches DoS attack against external network.

Seems False. Is it ok to Ignore these alerts? Or howto rectify them?

66046637c5effb4f00.png (57.75 KB, Downloads: 640)

66046637c5effb4f00.png

dosattack.png (52.43 KB, Downloads: 626)

dos attack

dos attack

Naomi has solved this question and earned 20 coins.

Posting a reply earns you 2 coins. An accepted reply earns you 20 coins and another 10 coins for replying within 10 minutes. (Expired) What is Coin?

Enter your mobile phone number and company name for better service. Go

This is a false positive.
Is this answer helpful?
Faisal P Posted 05 Dec 2022 10:18
  
Could a false positive.
arjay Lv3Posted 01 Dec 2022 00:54
  
Maybe it's a false positive. If still doubting, try to isolate the machine from the network using the endpoint protection management.
jetjetd Lv5Posted 29 Nov 2022 00:21
  
looks like the host is executing a DOS attack. Kindly isolate that host and run a scan through it.
Pat Lv4Posted 28 Nov 2022 16:32
  
yes, it is false positive
Imran Tahir Lv4Posted 28 Nov 2022 14:07
  
It maybe positive falase
kmrnliaqat Lv3Posted 28 Nov 2022 12:47
  
this is false positive
KarenD Lv2Posted 28 Nov 2022 11:11
  
In my experience, it is usually an application that is updating, and the strangest is my cloud storage that is updating the backup, which causes the alerts.
Happpy Lv3Posted 28 Nov 2022 11:01
  
It is just an application updating to its servers.
Rashley Lv2Posted 28 Nov 2022 10:57
  
But, in my experience, it is usually an application that is updating, and the strangest is my cloud storage that is updating the backup, which causes the alerts.
damulagski Lv3Posted 28 Nov 2022 10:57
  
False alarm, false postive

I Can Help:

Change

Moderator on This Board

1
3
5

Started Topics

Followers

Follow

Board Leaders