My organization's PCs use Windows XP with SP2, and they have firewalls and antivirus software installed. My firewall,...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
however, registers constant port scanning. How can I block this activity?
Most importantly, ensure that you're properly configuring both your network and software firewalls to only pass traffic that is explicitly required for business purposes. Such restrictions will resolve 99% of the port scanning activity directed at your network, blocking most attempts before they ever reach your systems. That said, a firewall alone won't completely protect you against port-scanning activity. The attacker will be able to detect ports that you've intentionally exposed to the Internet, and these can provide valuable reconnaissance information for a future attack.
The best line of defense against port scanning threats is a good intrusion prevention system (IPS). Many commercial firewalls -- both hardware and software -- come with the technology, either built-in or available as an optional feature. Alternatively, you may purchase and install a dedicated IPS to protect your network against attack. These systems monitor your network for potentially malicious traffic and block it before the traffic reaches the internal network. In a port-scanning scenario, the IPS recognizes that a particular source address is scanning your network. The intrusion prevention system then blocks that system's access and does so for a specified period of time.
Dig Deeper on Network Intrusion Detection (IDS)
Related Q&A from Mike Chapple
The rights of medical identity theft victims have been confused by health providers, but the rules under HIPAA are actually quite clear. Expert Mike ...continue reading
The New York State Department of Financial Services announced plans to increase cybersecurity regulations for financial firms. Here's what they need ...continue reading
Smaller organizations have a tougher time handling the compliance burden, specifically from the PCI DSS requirements. Expert Mike Chapple has some ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.