Issue with Synology NAS and time machine using UDMP

Hi All,
I installed a Synology NAS today( on it’s own segregated IOT style network using a UDM Pro) for device back ups. During time machine backups for one of the computers I got this . “Threat Management Alert 2: Potentially Bad Traffic. Signature ET NETBIOS DCERPC DCOM ExecuteShellCommand Call - Likely Lateral Movement. From: XXXXXX:port to: NAS:port, protocol: TCP.” and stops the back up. It hasn’t happened elsewhere, even on other machines that run time machine, and only happens with this computer when time machine runs. I can consistently make it happen just by running time machine.

Is this something I should worry about; or should I suppress it and forget about it?

Could you explain how you have Suricata deployed?

  • Suricata version
  • Deployment – IDS, IPS
  • Network topology showing the NAS, computer(s) and Suricata

This will help add context to give us a better idea of your situation.