Internet requests filling firewall logs

Posted on 2006-05-05
Last Modified: 2013-11-16
I have taken over a site a few months ago of which I have installed a firewall on, reading through the firewall logs there are hundreds of requests for port 135, 139, 445, 1026 and a few other ports all from different ip's

I had planned to open up 443 for owa over ssl but am reluctant due to the amount of access blocks logged in the firewall from outside ip's. Is this normal can anything  be done other than asking there isp for a new static ip and also should I be concerned about opening 443 under these circumstances

Question by:Sid_F
    LVL 25

    Accepted Solution

    won't help.  those are standard ports you listed that hackers scan for.  I have a ton of them on my firewall logs too.  you can change IPs if you wish, but it should take long before you get them again.  

    for what the ports are generally used for look at this url
    LVL 26

    Assisted Solution

    by:Leon Fester
    What Cyclops said is 100% correct.

    But you should not be too concerned about publishing port 443. If you're going to use SSL, and port 443, then you're already placing a level of trust in your site certificates. With OWA you can enable a various levels of SSL enforced security, including how invalid certificates are being handle. I don't know of any incidents where a SSL ports has been compromised after just a few port scans. It does take awhile to break 128-bit encryption.

    Port scans are quite common on all internet facing firewalls these days.

    You could try disabling ICMP requests to you external IP, as some programs will first test if the server is up and replying to a ping request before attemping a port scan.
    LVL 5

    Author Comment


    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    As a financial services provider, your business is impacted by two of the strictest federal regulations on record: the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act. Correctly implementing faxing into your organization to provide secure, real-ti…
    This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now