Managed Sentinel – Alert 115
| Alert ID | MS-A115 |
| Alert Name | IP addresses with open ports attacked from Internet. |
| Description | This alert identifies internal hosts using unsanctioned SMTP servers. This is a security risk as it may circumvent the perimeter email antimalware security controls. |
| Severity Level | Low |
| Threat Indicator | |
| MITRE ATT&CK Tactics | Discovery |
| Log sources | iptables |
| False Positives | |
| Recommendations |