Solved

Port scanning: what would cause it from a PC?

Posted on 2009-07-02
4
224 Views
Last Modified: 2013-12-25
A client is being blocked about once a week from our (LAMP, Cpanel, with IFD firewall) server because of Port Scanning.

What in a PC would cause port scanning from his home isp connection, and how to curtail?

thanks!
0
Comment
Question by:willsherwood
  • 2
4 Comments
 
LVL 12

Accepted Solution

by:
kevin_u earned 200 total points
ID: 24768073
If it is really port scanning, its a virus, trojan and the computer may be part of a botnet.  If that PC and/or that user has access to any sensitive information, I'd deny access until it is cleared up.
0
 
LVL 16

Assisted Solution

by:SteveJ
SteveJ earned 300 total points
ID: 24798672
"What in a PC would cause port scanning from his home isp connection, and how to curtail?"

A user with a little bit of knowledge playing with a tool downloaded from the internet that he really doesn't understand.

I agree with kevin u . . . block him until that nonsense stops.

Good luck,
SteveJ
0
 

Author Comment

by:willsherwood
ID: 24799957
the client's PC is idle overnight, he has anti-virus.
doesn anything that's non malicious do port scanning?
0
 
LVL 16

Assisted Solution

by:SteveJ
SteveJ earned 300 total points
ID: 24803269
That depends: if the range is very small . . . sure some apps will try to connect over a small range of ports because they are somewhat firewall savvy and as you say their intention is non-malicious. However, as the range of ports gets larger, it begins to be a stretch to call them non-malicious regardless of their intent because of the consequence.

What is the range of ports being scanned?

Good luck,
SteveJ
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Two of my three WiFi Routers lose connection 6 52
Resource cost of NAT vs routing 3 64
Radius Debug Error 16 45
Adding switches as opposed to running cables 4 89
#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now