cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
945
Views
3
Helpful
3
Replies

Port Scanning - Very urgent

londint
Level 1
Level 1

Please how can I stop anyone from doing a port scanning on our network and as well to flag it up if they were to attempt this?

Thanks

3 Replies 3

jlkeys
Level 1
Level 1

IDS would help but usually has to be placed in-line with the traffic.

Kananavicius
Level 1
Level 1

If your router has firewall it is possible to stop scanning

Of the ports, If not with access list is not possible to stop it

bbaillie
Level 1
Level 1

One method to secure the local VLAN when one host attempts to scan another within its own VLAN or subnet is a private vlan configuration and it will be denied. When the port scanner attempts to traverse a router to another subnet an ACL can be used under the premise that workstations don't do peer to peer, workstations talk to servers not other workstations so a properly designed ACL can block and log workstations attempting to contact other workstations on differing subnets and denied the activity.

Places to start your research:

http://www.cisco.com/en/US/products/hw/switches/ps4324/products_tech_note09186a0080094830.shtml

http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a008013565f.shtml

Brian

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: