<div>
More info: <br />
<br />
Turns out the this workstation is trying to access Spiceworks which resides on our intranet server and his workstation is interpreting the intranet servers communication as an attack. Where can I open up the ports to allow their access to his PC?
</div>


More info:

Turns out the this workstation is trying to access Spiceworks which resides on our intranet server and his workstation is interpreting the intranet servers communication as an attack. Where can I open up the ports to allow their access to his PC?

<div>
If this issue is all internal, you can try the following (from Symantec Support):<br />
<br />
In SEP, click on Change Settings (left side), then click on Network Threat Protection. In the Firewall tab, uncheck &quot;Number of seconds to block&quot; and uncheck &quot;Enable port scan detection&quot;. Then click on OK. I suggest closing out and restarting and then test.<br />
<br />
My laptop was registering port scans by my desktop and printer and this stopped it.
</div>


If this issue is all internal, you can try the following (from Symantec Support):

In SEP, click on Change Settings (left side), then click on Network Threat Protection. In the Firewall tab, uncheck "Number of seconds to block" and uncheck "Enable port scan detection". Then click on OK. I suggest closing out and restarting and then test.

My laptop was registering port scans by my desktop and printer and this stopped it.

<div>
<div class="content wysiwyg-content">
A single user logged on to day and has received an SEP message &quot;A client will block traffic from IP address 192.168.x.x for the next 600 seconds (from 11/5/2014 11:30:15PM to 11/5/2014 11:40:15 PM) Port Scan attack is logged.&quot; <br />
<br />
He tells me that he has received the same message twice more this morning, but nothing further<br />
<br />
The IP address is from our own intranet server. <br />
<br />
Are there some best known troubleshooting steps to resolve this issue (if it is an issue). Thanks.
</div>
</div>


A single user logged on to day and has received an SEP message "A client will block traffic from IP address 192.168.x.x for the next 600 seconds (from 11/5/2014 11:30:15PM to 11/5/2014 11:40:15 PM) Port Scan attack is logged." 

He tells me that he has received the same message twice more this morning, but nothing further

The IP address is from our own intranet server. 

Are there some best known troubleshooting steps to resolve this issue (if it is an issue). Thanks.

Port Scan attacked is logged

Anti-virus software was originally developed to detect and remove computer viruses. However, with the proliferation of other kinds of malware, antivirus software started to provide protection from other computer threats. In particular, modern antivirus software can protect from malicious browser helper objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious layered service providers (LSPs), dialers, fraud tools, adware and spyware. Some products also include protection from other computer threats, such as infected and malicious URLs, spam, scam and phishing attacks, online identity theft (privacy), online banking attacks, social engineering techniques, Advanced Persistent Threat (APT), botnets and DDoS attacks.

Anti-Virus Apps

Spyware is software that aims to gather information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge; it has also come to include programs that engage in various kinds of electronic fraud. Anti-spyware is software that removes or blocks that software; some common vendors include Malwarebytes, McAfee, Spybot-Search and Destroy, Ad-Aware and BitDefender.

Anti-Spyware

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.