Network Protection: Firewall, NAT, QoS, & IPS No Portscans detected

UTM Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 5 replies
Subscribers 2 subscribers
Views 998 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

No Portscans detected

Spider over 20 years ago

Hi guys,

I enabled portscan i ids settings, but I cen't see why there are not any portscans.

What's wrong here guys,

/Spider

This thread was automatically locked due to age.

0 bagira over 20 years ago

Have a look in the Intrusion Protection logfile. Any entries
/bagira
Cancel
Vote Up 0 Vote Down

Cancel
0 SalishSwede over 20 years ago in reply to bagira

I think I have the same issue.
I've been on two different networks now and I haven't seen a single port scan in ages.
Cancel
Vote Up 0 Vote Down

Cancel
0 weasel over 20 years ago in reply to SalishSwede

The only port scans i'm seeing are from one of my internal machines. Based on the notification email the port scan detection seems to be very basic. Anything that has 10 or more connections in a 1 second time period. The offending server is our internal DNS server, that i'm assuming is forwarding request for unknown DNS request to the root servers...but its odd that i havn't seen even one port scan from Korea or China. Maybe I clicked on the "Enable Port Scan Detection" button the wrong way? [;)]
Cancel
Vote Up 0 Vote Down

Cancel
0 Spider over 20 years ago in reply to bagira

No logfiles at all.
Cancel
Vote Up 0 Vote Down

Cancel
0 SalishSwede over 20 years ago in reply to Spider

It seems that this service has been disabled, probably inadvertently. Or perhaps NIC incompatibilities?
Cancel
Vote Up 0 Vote Down

Cancel