deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-23 02:37:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/device-security/auditing/event-5148.md
Yusuf Ozturk c8182dad77 Typo fix for ICMP DoS Attack 
Additional ICMP typo fix
2017-05-29 11:47:07 +02:00

1.5 KiB
Raw Blame History

title, description, ms.pagetype, ms.prod, ms.mktglfcycl, ms.sitesec, author
title description ms.pagetype ms.prod ms.mktglfcycl ms.sitesec author
5148(F) The Windows Filtering Platform has detected a DoS attack and entered a defensive mode; packets associated with this attack will be discarded. (Windows 10) Describes security event 5148(F) The Windows Filtering Platform has detected a DoS attack and entered a defensive mode; packets associated with this attack will be discarded. security w10 deploy library Mir0sh

5148(F): The Windows Filtering Platform has detected a DoS attack and entered a defensive mode; packets associated with this attack will be discarded.

Applies to

  • Windows 10
  • Windows Server 2016

In most circumstances, this event occurs very rarely. It is designed to be generated when an ICMP DoS attack starts or was detected.

There is no example of this event in this document.

Subcategory: Audit Other Object Access Events

Event Schema:

The Windows Filtering Platform has detected a DoS attack and entered a defensive mode; packets associated with this attack will be discarded.

Network Information:

Type:%1

Required Server Roles: None.

Minimum OS Version: Windows Server 2008 R2, Windows 7.

Event Versions: 0.

Security Monitoring Recommendations

  • This event can be a sign of ICMP DoS attack or, among other things, hardware or network device related problems. In both cases, we recommend triggering an alert and investigating the reason the event was generated.