Socket Filter Warning Message “popup”
search cancel

Socket Filter Warning Message “popup”

book

Article ID: 279543

calendar_today

Updated On: 02-21-2024

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

Every time the user connect to a target server via RDP they get a popup window which they have to click multiple times in order to close it.

 

This issue got introduced to this after using SFA 4.0.2 and later versions. Popup window shows on all RDP target servers.

Environment

PAM 4.1.2

SFA 4.0.2 – 4.1.2

Cause

In all latest releases of Windows there are certain system services and background applications that create proxy instances on behalf of the main application and then repeatedly send IP packets with different port/subnet mask range. Thus there are lots of such system generated IP packets with random port and subnet combination that have the potential to raise an SFA alert, because they don't fall into the SFA set IP rule category.

Resolution

The problem is expected to be fixed in 4.1.7+ and 4.2+. If you have this problem at a lower release, and an upgrade is not an option yet, please contact PAM Support.