My organization's PCs use Windows XP with SP2, and they have firewalls and antivirus software installed. My firewall,...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
however, registers constant port scanning. How can I block this activity?
Most importantly, ensure that you're properly configuring both your network and software firewalls to only pass traffic that is explicitly required for business purposes. Such restrictions will resolve 99% of the port scanning activity directed at your network, blocking most attempts before they ever reach your systems. That said, a firewall alone won't completely protect you against port-scanning activity. The attacker will be able to detect ports that you've intentionally exposed to the Internet, and these can provide valuable reconnaissance information for a future attack.
The best line of defense against port scanning threats is a good intrusion prevention system (IPS). Many commercial firewalls -- both hardware and software -- come with the technology, either built-in or available as an optional feature. Alternatively, you may purchase and install a dedicated IPS to protect your network against attack. These systems monitor your network for potentially malicious traffic and block it before the traffic reaches the internal network. In a port-scanning scenario, the IPS recognizes that a particular source address is scanning your network. The intrusion prevention system then blocks that system's access and does so for a specified period of time.
Dig Deeper on Network Intrusion Detection (IDS)
Related Q&A from Mike Chapple
Encrypting data going to the cloud is a security best practice, but does it add extra challenges for regulators that might need to access the data? ...continue reading
Merchants that sell at off-site venues need to take extra care to follow PCI compliance standards. Expert Mike Chapple discusses how organizations ...continue reading
The FTC's order for PCI DSS compliance assessments is odd since PCI isn't a government regulation. Expert Mike Chapple explains the motivation ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.