AiProtection - Two-Way IPS event

OzarkEdge

So what does this event mean:
[Attached screenshot: Capture.PNG]

I believe the Source IP is assigned to the Destination device, so it seems to suggest that the user (me) was browsing on the Nexus 7 when a WEB Cross-site Scripting event triggered AiProtection Two-Way IPS.

What does Client Device Infected mean? It feels like a false positive to me. Does it simply mean that the client browser encountered an attempt at cross-site scripting and AiProtection blocked it... so no real infection?

OE
 
I haven't seen one of these before. Always wondered if it even worked. They definitely need better documentation to help us understand what is happening. I will be interested also to hear if anyone has insight into an alert like this. I do know that if I go to the wicar site and run the test downloads and scripts, it shows up on Two-Way IPS. I just tested their CSS link and it shows as a 'malware accomplice', but I didn't get this warning. It could just be the type of device I'm using (PC versus phone) and the type of attack.
 
