N
Notan
Any reason that Microsoft (65.55.240.12) should be doing port scans?
Thanks!
Notan
Thanks!
Notan
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
D
David H. Lipman
From: "Notan" <[email protected]>
| Any reason that Microsoft (65.55.240.12) should be doing port scans?
|
| Thanks!
|
| Notan
Are you sure it is truly a Port Scan rather than a FireWall application merely stating
something to the that effect ?
You didn't post anything that is indicative of a Port Scan.
| Any reason that Microsoft (65.55.240.12) should be doing port scans?
|
| Thanks!
|
| Notan
Are you sure it is truly a Port Scan rather than a FireWall application merely stating
something to the that effect ?
You didn't post anything that is indicative of a Port Scan.
N
Notan
David H. Lipman said:From: "Notan" <[email protected]>
| Any reason that Microsoft (65.55.240.12) should be doing port scans?
|
| Thanks!
|
| Notan
Are you sure it is truly a Port Scan rather than a FireWall application merely stating
something to the that effect ?
You didn't post anything that is indicative of a Port Scan.
It was a (software) firewall report... Kerio Personal Firewall.
How can I tell if it's a legitimate port scan?
Thanks!
Notan
C
Carey Frisch [MVP]
Contact Kerio Personal Firewall support.
--
Carey Frisch
Microsoft MVP
Windows - Shell/User
Microsoft Community Newsgroups
news://msnews.microsoft.com/
-------------------------------------------------------------------------------------------
:
| It was a (software) firewall report... Kerio Personal Firewall.
|
| How can I tell if it's a legitimate port scan?
|
| Thanks!
|
| Notan
--
Carey Frisch
Microsoft MVP
Windows - Shell/User
Microsoft Community Newsgroups
news://msnews.microsoft.com/
-------------------------------------------------------------------------------------------
:
| It was a (software) firewall report... Kerio Personal Firewall.
|
| How can I tell if it's a legitimate port scan?
|
| Thanks!
|
| Notan
D
David H. Lipman
From: "Notan" <[email protected]>
|
| It was a (software) firewall report... Kerio Personal Firewall.
|
| How can I tell if it's a legitimate port scan?
|
| Thanks!
|
| Notan
You'd have to examine the logs. Usually a Port Scan is not just one port but a series of
ports seeking a vulnerability. Often software FireWalls mistakenly call a re-attempt at a
communication as a port scan or other nefarious action. For example, you went to a web site
or DNS server and communication is broken unexpectedly. The remote site tries to respond
and sends multiple packets which are sometimes misinterpreted as a nefarious act.
Only an examination of an actual TCP/UDP log can determine if it really is a port scan. My
feelings are this is a FireWall over exuberant misinterpretation.
|
| It was a (software) firewall report... Kerio Personal Firewall.
|
| How can I tell if it's a legitimate port scan?
|
| Thanks!
|
| Notan
You'd have to examine the logs. Usually a Port Scan is not just one port but a series of
ports seeking a vulnerability. Often software FireWalls mistakenly call a re-attempt at a
communication as a port scan or other nefarious action. For example, you went to a web site
or DNS server and communication is broken unexpectedly. The remote site tries to respond
and sends multiple packets which are sometimes misinterpreted as a nefarious act.
Only an examination of an actual TCP/UDP log can determine if it really is a port scan. My
feelings are this is a FireWall over exuberant misinterpretation.
N
Notan
David H. Lipman said:From: "Notan" <[email protected]>
|
| It was a (software) firewall report... Kerio Personal Firewall.
|
| How can I tell if it's a legitimate port scan?
|
| Thanks!
|
| Notan
You'd have to examine the logs. Usually a Port Scan is not just one port but a series of
ports seeking a vulnerability. Often software FireWalls mistakenly call a re-attempt at a
communication as a port scan or other nefarious action. For example, you went to a web site
or DNS server and communication is broken unexpectedly. The remote site tries to respond
and sends multiple packets which are sometimes misinterpreted as a nefarious act.
Only an examination of an actual TCP/UDP log can determine if it really is a port scan. My
feelings are this is a FireWall over exuberant misinterpretation.
Again, thanks!
Notan