unexpected data in protocol

Discussion in 'ESET Smart Security' started by scottjrob, May 29, 2009.

Thread Status:
Not open for further replies.
  1. scottjrob

    scottjrob Registered Member

    May 29, 2009
    70-80 of our 100 clients show "Detected unexpected data in protocol" in the Last Firewall Alert. Recently we updated to Remote Admin 3.1.11, but I'm not sure if the alert started due to the update.

    The firewall log states the source IP is the IP of our PBX. I'd exclude that IP if possible, but I don't see where to do it. I've used the configuration editor to uncheck the box for "Application protocol content filtering: Yes."

    We are working with our phone vendor to fix the root of the problem, and not just tell Eset to stop logging it, but I do not know how soon we'll find an answer. I have a feeling the firewall logs are quickly filling up, but I do not know where to look to be sure.

    Thank you, -scott
  2. agoretsky

    agoretsky Eset Staff Account

    Apr 4, 2006

    A technical support engineer will probably need to examine a packet capture to determine what part of the payload is generating this error.

    You can capture the flagged packets by following the instructions in ESET knowledgebase article #742, "How to activate special logging of the Personal firewall" and and mail it to support@eset.sk along with a link to this message thread so it can be analyzed by one of ESET's support engineers.


    Aryeh Goretsky
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.