Jump to content

suspicious network activity reported by KES


Recommended Posts

Hi there,

 

Can someone please explain what is happening here? Why is KES reporting this?  Is KES trying to connect to the mailserver and reporting itself to be suspuscious?

 

Event: Suspicious network activity detected
Application name: Kaspersky Endpoint Security
Application path: C:\Program Files (x86)\Kaspersky Lab\KES.12.2.0
User name: <Domain\user>
User type: Active user
Component: Protection
Event date: Today, 23-11-2023 08:39:37
Target server: <mailserver>
Account name: <Domain\user>
Number of attempts: 30
Interval (minutes): 2
Previous attempt: Today, 23-11-2023 08:24:37
Current attempt: Today, 23-11-2023 08:39:37

Link to comment
Share on other sites

Hi Mr. Potatohead,

that Event is only meaning that KES named with Path to AVP.exe has detected a Suspicious network activity.

Could be a Mail what was downloaded or could be a connection to the Mail Server.

Sometimes it is only a false positive Detection.

But you can additional have a look on the Mail Server what happend on the Timestamp.

 

 

Link to comment
Share on other sites

  • 2 weeks later...
On 12/11/2023 at 5:17 PM, Arian.Mohammad said:

Hello, which component exactly detects that? Network threat protection?

do you have any EDR solution available? optimum, expert?

on the KES local interface, you can see Application Network Activity, Which process tried to connect to your server in the period of incident detection time?

Hello @Arian.Mohammad

We are using only KESB for Windows and Linux.

I am not clear about which process tries to connect to server.

Link to comment
Share on other sites

Hello All,

please provide more details, the Event itself or Screenshots of what you are exactly mean.

The KES Event might be different than originally posted.

If you are unsure or not able to provide such information here open a new ticket with Kaspersky Support team to check into.

Thank you in advance

Best Regards

 

  • Thanks 1
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...