cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
899
Views
0
Helpful
3
Replies

Nmap vs Firesight

oyeroshe
Cisco Employee
Cisco Employee

How can I enable Firesight to detect Nmap activity. It detects only with specific nmap keys. Thanks

3 Replies 3

Dennis Perto
Level 5
Level 5

This really depends on what you want do detect. 
NMAP is not ment to be detectable. There is no "application detector" for custom crafted packages on a network. :) 

Jetsy Mathew
Cisco Employee
Cisco Employee

Hello ,

You should probably give some more details here.

What you mean by nmap activity here ?

We dont have any application detector specifically for nmap.

Regards

Jetsy 

I have the same problem, I'm using NMAP to do port scan on a single host and I can get all the information of all ports open on that specific host.

I enabled the pre-processor for port scan and enabled the IPS rules with GIP 122:1-122:27. But I can still scan hosts going thought the firepower.

Review Cisco Networking for a $25 gift card