Can someone confirm that a Cisco NIDS will detect TCP or UDP portscans?
ie - if I have a internal host and someone is running a scanner (ie- NMAP) looking for open TCP or UDP ports... Will this log or trigger a signature on the IDS?
If you have a signature on the IDS to alert/log this as interesting traffic
if you have the sensor on the correct network segment
if you have the the sensor on a SPAN or Monitor port
If If If .....But yes it should. I use Super Scanner to test CSIDS after installation to ensure it is at least seeing and reporting obvious port scans.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: