Ask the Expert

Port scan attack prevention best practices

What are some best practices for avoiding port scanning?

    Requires Free Membership to View

The simplest thing you can do to protect yourself from port scan attacks or reconnaissance attacks is to use a good firewall and intrusion prevention system (IPS). It's not possible to protect against all such attacks -- after all, if you're running a Web server, port 80 is obviously going to be visible to the world -- but, this approach will limit an organization's exposure.

The firewall strictly controls which ports are exposed and to whom they are visible, limiting the attack surface discoverable with a port scan. The IPS will detect port scans in progress and shut them down before they are able to gain a full map of your network.

For more information:

This was first published in August 2009

Join the conversationComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.