I had a problem with FTP connection. Long story short, I tried to download a file using FTP from a server in my network and the IPS detected the request as intrusion, blocking the whole network.
Below the alert received:
The following intrusion was observed: FTP.Text.Line.Too.Long.
date=2018-05-04 time=09:57:56 devname=*** devid=*** logid=*** type=utm subtype=ips eventtype=signature level=alert vd="root" severity=medium srcip=***.***.***.*** srccountry="***" dstip=***.***.***.*** srcintf="***" dstintf="***" policyid=774 sessionid=*** action=dropped proto=6 service=FTP attack="FTP.Text.Line.Too.Long" srcport=65026 dstport=21 direction=outgoing attackid=109445128 profile="***" ref="http://www.fortinet.com/ids/VID109445128" incidentserialno=*** msg="ftp_decoder: FTP.Text.Line.Too.Long," crscore=10 crlevel=medium
Has anyone experienced similar issues using FTP?