Difference between revisions of "HIDS 11252"
From Atomicorp Wiki
(Created page with "{{Infobox |header1= Rule 11252 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Multiple connection attempts from same source. }} = Description = ASL is rep...") |
Latest revision as of 15:20, 13 January 2014
| Rule 11252 | |
|---|---|
| Status | Active |
| Alert Message | Multiple connection attempts from same source. |
Contents |
[edit] Description
ASL is reporting that a client has made multiple successful FTP login attempts to the system within a very short period of time (10 connections in 60 seconds).
ASL will not shun on this event, so there is no effect on the end user. We not recommend you disable this rule.
[edit] Troubleshooting
[edit] False Positives
None.
If you do not wish to be alerted to these events, simply disable the rule.
[edit] Tuning Guidance
None.
[edit] Additional Information
[edit] Similar Rules
None.
[edit] Knowledge Base Articles
None.
[edit] Outside References
None.
