This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG SFOS 16.01 - Anti-Portscan?

Greetings all,

I'm currently using the home version of Sophos XG and was wondering if there is a way to block port scans? I know that UTM has the ability for anti-portscans, but does XG have this capability as well?

Thanks.

Mike

This thread was automatically locked due to age.

Parents

0 sachingurung over 8 years ago

Hi Luk and Mike,

Take a look at my guide here. Now, start a port scan on XG and take a drop packet capture. You can see a denied log id=0103021, check the system log format attached to my guide. This is the denied entry for appliance access.

By default, XG will drop such traffic unless the ports are explicitly allowed through the device access option.

Hope that helps :)
Cancel
Vote Up 0 Vote Down

Cancel
0 Billybob over 8 years ago in reply to sachingurung

sachingurung said:

By default XG will drop such traffic, unless the ports are explicitly allowed through the device access option.
Luk is right, anti portscan means that when a portscan is detected, even open ports are hidden from the scanning software. This has been available in UTM since v5 I believe. Very nice feature.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Billybob over 8 years ago in reply to sachingurung

sachingurung said:

By default XG will drop such traffic, unless the ports are explicitly allowed through the device access option.
Luk is right, anti portscan means that when a portscan is detected, even open ports are hidden from the scanning software. This has been available in UTM since v5 I believe. Very nice feature.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data