Solved

Port scanning: what would cause it from a PC?

Posted on 2009-07-02
4
227 Views
Last Modified: 2013-12-25
A client is being blocked about once a week from our (LAMP, Cpanel, with IFD firewall) server because of Port Scanning.

What in a PC would cause port scanning from his home isp connection, and how to curtail?

thanks!
0
Comment
Question by:willsherwood
  • 2
4 Comments
 
LVL 12

Accepted Solution

by:
kevin_u earned 200 total points
ID: 24768073
If it is really port scanning, its a virus, trojan and the computer may be part of a botnet.  If that PC and/or that user has access to any sensitive information, I'd deny access until it is cleared up.
0
 
LVL 16

Assisted Solution

by:SteveJ
SteveJ earned 300 total points
ID: 24798672
"What in a PC would cause port scanning from his home isp connection, and how to curtail?"

A user with a little bit of knowledge playing with a tool downloaded from the internet that he really doesn't understand.

I agree with kevin u . . . block him until that nonsense stops.

Good luck,
SteveJ
0
 

Author Comment

by:willsherwood
ID: 24799957
the client's PC is idle overnight, he has anti-virus.
doesn anything that's non malicious do port scanning?
0
 
LVL 16

Assisted Solution

by:SteveJ
SteveJ earned 300 total points
ID: 24803269
That depends: if the range is very small . . . sure some apps will try to connect over a small range of ports because they are somewhat firewall savvy and as you say their intention is non-malicious. However, as the range of ports gets larger, it begins to be a stretch to call them non-malicious regardless of their intent because of the consequence.

What is the range of ports being scanned?

Good luck,
SteveJ
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question