Question
intrusion attacks
my fg300d keeps detecting a certain foreign IP address as intrusion attacks to my dmz server with ssl heartbleed.
although the firewall dropped the packets, i am still quite worried.
this has been going on for some time.
what else can u do ??
Message meets Alert conditionThe following intrusion was observed: OpenSSL.Heartbleed.Attack.date=2016-04-06 time=22:43:03 devname=FG3002 devid=FGT3HXXXXX logid=04384 type=utm subtype=ips eventtype=signature level=alert vd="root" severity=critical srcip=62.231.xxx.xxx dstip=10.xxx.xx.xx sessionid=2950272399 action=dropped proto=6 service=HTTPS attack="OpenSSL.Heartbleed.Attack" srcport=42726 dstport=443 direction=0 attackid=38315 profile="Web Servers" ref="http://www.fortinet.com/ids/VID38315" incidentserialno=1273634930 msg="applications: OpenSSL.Heartbleed.Attack," crscore=50 crlevel=critical