Network threat blocked
This situation can occur when a port scanning attempt on your system is detected or when an application on your computer tries to transmit malicious traffic to another device on the network or exploit a security hole.
You can find the type of threat and the related device IP address in the notification. Click Change handling of this threat to show the following options:
Continue blocking—Blocks detected threat. If you want to stop receiving notifications about this type of threat from the specific remote address, select the radio button next to Do not notify before you click Continue blocking. This will create an Intrusion Detection Service (IDS) rule with the following configuration: Block - default, Notify - no, Log - no.
Allow—Creates an Intrusion Detection Service (IDS) rule to allow the detected threat. Select one from the following options before you click Allow to specify the rule settings:
•Notify only when this threat is blocked—Rule configuration: Block - no, Notify - no, Log - no.
•Notify whenever this threat occurs—Rule configuration: Block - no, Notify - default, Log - default.
•Do not notify—Rule configuration: Block - no, Notify - no, Log - no.
The information shown in this notification window may vary depending on the type of threat detected. For more information about threats and other related terms, see Types of remote attacks or Types of detections. To resolve the Duplicate IP addresses on network event, see our ESET Knowledgebase article. |