12-14-2015 09:21 AM - edited 03-10-2019 06:31 AM
How can I enable Firesight to detect Nmap activity. It detects only with specific nmap keys. Thanks
05-16-2016 11:45 PM
This really depends on what you want do detect.
NMAP is not ment to be detectable. There is no "application detector" for custom crafted packages on a network. :)
05-17-2016 01:08 AM
Hello ,
You should probably give some more details here.
What you mean by nmap activity here ?
We dont have any application detector specifically for nmap.
Regards
Jetsy
09-07-2016 12:32 PM
I have the same problem, I'm using NMAP to do port scan on a single host and I can get all the information of all ports open on that specific host.
I enabled the pre-processor for port scan and enabled the IPS rules with GIP 122:1-122:27. But I can still scan hosts going thought the firepower.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide