Dear All,
I've enabled the Portscan detection and removed all networks from the list so that all networks are protected...
Then I've set notification Levels (Detected/blocked) both on High and Mediun severity.
I've then did a scanning test using the Gibson research Shields-up test for the first 1056 ports... (www.grc.com)
After the scanning was finished, The checking was not blackholed (it still showed port 443 open after scanning 442 ports the portscan detector was not triggered) and no
notification email was received althogh portscan detection is enabled.
What are the pre-requisite to have portscan working? there is no option to blackhole a portscan user?
Thank you in advance!
neko.
This thread was automatically locked due to age.
