Solved

Port scanning: what would cause it from a PC?

Posted on 2009-07-02
4
232 Views
Last Modified: 2013-12-25
A client is being blocked about once a week from our (LAMP, Cpanel, with IFD firewall) server because of Port Scanning.

What in a PC would cause port scanning from his home isp connection, and how to curtail?

thanks!
0
Comment
Question by:willsherwood
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 12

Accepted Solution

by:
kevin_u earned 200 total points
ID: 24768073
If it is really port scanning, its a virus, trojan and the computer may be part of a botnet.  If that PC and/or that user has access to any sensitive information, I'd deny access until it is cleared up.
0
 
LVL 16

Assisted Solution

by:SteveJ
SteveJ earned 300 total points
ID: 24798672
"What in a PC would cause port scanning from his home isp connection, and how to curtail?"

A user with a little bit of knowledge playing with a tool downloaded from the internet that he really doesn't understand.

I agree with kevin u . . . block him until that nonsense stops.

Good luck,
SteveJ
0
 

Author Comment

by:willsherwood
ID: 24799957
the client's PC is idle overnight, he has anti-virus.
doesn anything that's non malicious do port scanning?
0
 
LVL 16

Assisted Solution

by:SteveJ
SteveJ earned 300 total points
ID: 24803269
That depends: if the range is very small . . . sure some apps will try to connect over a small range of ports because they are somewhat firewall savvy and as you say their intention is non-malicious. However, as the range of ports gets larger, it begins to be a stretch to call them non-malicious regardless of their intent because of the consequence.

What is the range of ports being scanned?

Good luck,
SteveJ
0

Featured Post

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question