See attached images. It appears a remote computer is attempting to connect to our network. The ESS dialog box is strange because: 1) the temporarily remember checkbox is greyed-out 2) the (local machine) application name is not indicated 3) the number 41 is not aligned with local port (and is actually nearer to protocol) Furthermore, when checking the remember action checkbox (and clicking deny), a response states that the rule would be too general. It is good that ESS confirms "too general" / "are you sure" in this case, rather than immediately creating a rule that would apply virtually universally. Also, it is possible that the reason temporarily remember is greyed-out is that this is too general a condition (but I believe if a permanent rule is possible, a temporary one should be, too). We continually deny this inbound traffic, but it is impractical to do so hundreds / thousands of times a day, manually, and we are reluctant to create a general rule to handle it. Can anyone advise us on: 1) recommended action / steps when encountering this condition 2) how to determine the targeted local application 3) what 41 is, and, if it is local port, how to ID the protocol 4) why temporarily remember is greyed-out Thanks. .