My organization's PCs use Windows XP with SP2, and they have firewalls and antivirus software installed. My firewall,...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
however, registers constant port scanning. How can I block this activity?
Most importantly, ensure that you're properly configuring both your network and software firewalls to only pass traffic that is explicitly required for business purposes. Such restrictions will resolve 99% of the port scanning activity directed at your network, blocking most attempts before they ever reach your systems. That said, a firewall alone won't completely protect you against port-scanning activity. The attacker will be able to detect ports that you've intentionally exposed to the Internet, and these can provide valuable reconnaissance information for a future attack.
The best line of defense against port scanning threats is a good intrusion prevention system (IPS). Many commercial firewalls -- both hardware and software -- come with the technology, either built-in or available as an optional feature. Alternatively, you may purchase and install a dedicated IPS to protect your network against attack. These systems monitor your network for potentially malicious traffic and block it before the traffic reaches the internal network. In a port-scanning scenario, the IPS recognizes that a particular source address is scanning your network. The intrusion prevention system then blocks that system's access and does so for a specified period of time.
Dig Deeper on Network Intrusion Detection (IDS)
Related Q&A from Mike Chapple
It's hard to tell if a company is a HIPAA business associate, but a closer look at HHS documents helps. Expert Mike Chapple discusses a specific case...continue reading
There was speculation in the security world over whether the FedRAMP certification would be helpful or not. Now that it's in full use, Mike Chapple ...continue reading
Medical device companies are part of the health industry, but does that make them a HIPAA covered entity or business associate? Expert Mike Chapple ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.