We are using NGX r60 hfa03 on win2k3.
All out going http goes through a proxy.
I am trying to do a search on cat5 at anixter.com and I get this
In my logs...
Number: 1989555
Date: 12Jun2006
Time: 9:45:54
Product: SmartDefense
Type: Log
Action: Reject
Protocol: tcp
Service: http-No-WI (80)
Source: proxy
Destination: onlinecatalog.anixter.com (12.165.149.126)
Information: reason: WSE0120001 malicious code detected in URL
resource:
http://12.165.149.126/PartDetailServlet?SOURCE=SEARCH&INDEX=0&PAGE=1&PARTNO=2
64262&QUANTITY=&REFERER=SearchResultsServlet%3FQUERY%3DKEYWORD-SEARCH%26SEARC
HCRITERIA%3D%257BLOCATION%253D%252C%2BVIEW_AVAILABLE_PERMISSION_CODE%253DN%25
2C%2BSEARCH_ACTION%253DKEYWORD-SEARCH%252C%2BCATALOG_COUNTRY_CODE%253D2001032
000000000001%252C%2BCLASSIFICATION%253D%252C%2BUSER_ID%253D%2B%2B%2B%2B%2B%2B
%2B%2B%252C%2BCATALOG_LANG%253DEN%252C%2BSEARCH_INCLUDES%253DC%252C%2BKEYWORD
%253Dcat%252B5%257D%26searchPage%3D1
Source Port: 7430
Attack Name: Malicious Code Protector
Don't want to turn off MCP. Any work arounds?
Thanks,
Cmoon
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
