Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
SOLVED

disable lateral movement path detection

Copper Contributor

Is it possible to disable lateral movement path detection ? I just discovered a lot of outging TCP-Connections to TCP-Port 135 in state TIME_WAIT. Event-ID 4227 is logged in System Event log from time to time. I assume this is realted to SAM-R request in context of lateral movement path detection.

4 Replies
best response confirmed by cscherb (Copper Contributor)
Solution

@cscherb Yes, contact support to verify this is indeed the cause, and if decision is to disable it, the support engineer can provide you with a script that will disable this feature, but in general you shouldn't see any problem with it.

Thanks lot for your quick response !
Just to be shure: Request to remote SAM are done by ATA Lightweight Gateway and not bei ATA Center ?
1 best response

Accepted Solutions
best response confirmed by cscherb (Copper Contributor)
Solution

@cscherb Yes, contact support to verify this is indeed the cause, and if decision is to disable it, the support engineer can provide you with a script that will disable this feature, but in general you shouldn't see any problem with it.

View solution in original post