What are some best practices for avoiding port scanning?
The simplest thing you can do to protect yourself from port scan attacks or reconnaissance attacks is to use a good firewall and intrusion prevention system (IPS). It's not possible to protect against all such attacks -- after all, if you're running a Web server, port 80 is obviously going to be visible to the world -- but, this approach will limit an organization's exposure.
The firewall strictly controls which ports are exposed and to whom they are visible, limiting the attack surface discoverable with a port scan. The IPS will detect port scans in progress and shut them down before they are able to gain a full map of your network.
Dig Deeper on Network Intrusion Prevention (IPS)
Related Q&A from Mike Chapple
Encrypting data going to the cloud is a security best practice, but does it add extra challenges for regulators that might need to access the data? ...continue reading
Merchants that sell at off-site venues need to take extra care to follow PCI compliance standards. Expert Mike Chapple discusses how organizations ...continue reading
The FTC's order for PCI DSS compliance assessments is odd since PCI isn't a government regulation. Expert Mike Chapple explains the motivation ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.