Typically we wouldn't want to see packed executables attempting to be retrieved from the WAN, but these occured at regular 15 minute intervals and the source IP was owned by Trend Micro. Digging in the WFBS console I found:
Anyone have experience with UPX compression? Is this standard practice for AV definitions to come as a packed executable? Or is the burden on SonicWALL here to get a little more detailed?
Very thoughtful bloog
ReplyDelete