My organization's PCs use Windows XP with SP2, and they have firewalls and antivirus software installed. My firewall,...
however, registers constant port scanning. How can I block this activity?
Most importantly, ensure that you're properly configuring both your network and software firewalls to only pass traffic that is explicitly required for business purposes. Such restrictions will resolve 99% of the port scanning activity directed at your network, blocking most attempts before they ever reach your systems. That said, a firewall alone won't completely protect you against port-scanning activity. The attacker will be able to detect ports that you've intentionally exposed to the Internet, and these can provide valuable reconnaissance information for a future attack.
The best line of defense against port scanning threats is a good intrusion prevention system (IPS). Many commercial firewalls -- both hardware and software -- come with the technology, either built-in or available as an optional feature. Alternatively, you may purchase and install a dedicated IPS to protect your network against attack. These systems monitor your network for potentially malicious traffic and block it before the traffic reaches the internal network. In a port-scanning scenario, the IPS recognizes that a particular source address is scanning your network. The intrusion prevention system then blocks that system's access and does so for a specified period of time.
Dig Deeper on Network Intrusion Detection (IDS)
Related Q&A from Mike Chapple
Are nonprofit organizations, like higher education institutions, subject to FTC cybersecurity regulations and oversight? Expert Mike Chapple explains.continue reading
It's important for healthcare organizations to have a clear social media policy. Expert Mike Chapple explains what needs to be in the policy to stay ...continue reading
SOC 2 evaluations can be helpful tools for organizations assessing their HIPAA compliance, but companies should not solely rely on them. Compliance ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.