Port Scan Alerts - Outgoing..not incoming

Comments

1 comment

  • Avatar
    Firewalla

    Port scan detection is done by looking at multiple connections out, and if they happen in a burst, then it is detected as a port scan. With any type of detection, there are false positives, so the best way to look at this is turn on antivirus on your pc/mac and see if it detects anything locally first. If not, next step just block the scanning IP and see which application may have issues. 

    (some applications does do port scan legit fashion, you don't want to break them)

    0
    Comment actions Permalink

Please sign in to leave a comment.