We received a blocked malware "Trojan.GenericKD.33018871" how do we check where did it come from or what internal/external ip address
If this was blocked by your firewall, then your firewall logs will show the source of it.
Are you logging to Dimension, WSM Log Server or Watchguard Cloud ?
If so, look there.
The log message ID should be 1CFF000E or 1CFF-000E with a reason of "GAV Virus found"
Ok, will check. Thanks again Bruce!
Forgot to ask on the last message. How do you know the message ID codes? is there a reference table?
Many thanks again Bruce!