Managed Sentinel – Alert 115

Alert IDMS-A115
Alert NameIP addresses with open ports attacked from Internet.
DescriptionThis alert identifies internal hosts using unsanctioned SMTP servers. This is a security risk as it may circumvent the perimeter email antimalware security controls.
Severity LevelLow
Threat Indicator
MITRE ATT&CK TacticsDiscovery
Log sourcesiptables
False Positives
Recommendations