Getting multiple DDOS attack alerts from endpoints - network is cut off for a time

Article ID: 231887

Products

Endpoint Protection

Issue/Introduction

Multiple DDoS attack alerts are being raised on different endpoints in the environment. Each alert causes the network to be blocked for a time.

Environment

Release: 14.3 RU2

Component: Default-Sym

Cause

It was found that a large number of packets were being received out of order.

Resolution

The product is working as designed since packets are coming out of order. Options are to:

  1. Have the network team figure out why valid network data streams are getting scrambled.
  2. Disable DoS detection to avoid the issue.
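
To support option 1, this added example (not Broadcom's code and not part of the original article) counts how many data segments arrive out of order per flow, using segment records exported from a capture taken at an affected endpoint. The record layout, the sample data, the function names and the 10% threshold are assumptions for illustration; a retransmission of a segment that was lost before the capture point is also counted as out of order, because sequence numbers alone cannot tell the two apart.

```python
from collections import defaultdict

MOD = 1 << 32  # TCP sequence numbers are 32-bit and wrap around

def seq_before(a, b):
    """True if sequence number a precedes b under 32-bit wraparound."""
    return a != b and ((b - a) % MOD) < (MOD >> 1)

def out_of_order_report(segments):
    """Per one-way flow, count data, out-of-order and retransmitted segments.
    segments: (src, sport, dst, dport, seq, payload_len) tuples in arrival order."""
    next_expected = {}        # flow -> highest seq+len seen so far
    seen = defaultdict(set)   # flow -> {(seq, len)} already received
    stats = defaultdict(lambda: {"data": 0, "out_of_order": 0, "retransmitted": 0})
    for src, sport, dst, dport, seq, length in segments:
        if length == 0:       # pure ACKs carry no stream data
            continue
        flow = (src, sport, dst, dport)
        end = (seq + length) % MOD
        s = stats[flow]
        s["data"] += 1
        if flow not in next_expected:
            next_expected[flow] = end
        elif (seq, length) in seen[flow]:
            s["retransmitted"] += 1   # same bytes again: loss, not reordering
        elif seq_before(seq, next_expected[flow]):
            s["out_of_order"] += 1    # new bytes arriving behind later ones
        if seq_before(next_expected[flow], end):
            next_expected[flow] = end
        seen[flow].add((seq, length))
    return dict(stats)

def flows_over_threshold(report, ratio=0.10):
    """Flows whose out-of-order share exceeds ratio (0.10 is an arbitrary example)."""
    return sorted(f for f, s in report.items()
                  if s["out_of_order"] / s["data"] > ratio)

# Constructed sample: flow A is reordered; flow B is in order across a
# sequence wrap, with one retransmission and one pure ACK.
A = ("10.0.0.5", 443, "10.0.0.20", 50000)
B = ("10.0.0.6", 445, "10.0.0.20", 50001)
SAMPLE = [
    A + (1000, 100), A + (1200, 100), A + (1100, 100),  # 1100 arrives late
    A + (1400, 100), A + (1300, 100),                    # 1300 arrives late
    B + (4294967200, 96), B + (0, 100), B + (0, 100),    # wrap, then repeat
    B + (100, 100), B + (200, 0),                        # last is a pure ACK
]

if __name__ == "__main__":
    print(flows_over_threshold(out_of_order_report(SAMPLE)))
```

Flows that the report singles out give the network team specific source/destination pairs to trace along the path, rather than a general complaint about scrambled traffic.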