Hello
I have a Firewalla Gold that causes ESET Internet Security (16.2.15.0) to issue warnings of a TCP Port Scanning attack (Win32/Botnet.generic).
I don't think there is malware on the Firewalla Gold device and I believe it is Firewalla's Internal Port Scan that "does scan's to the network to detect services and also devices that are not on your DHCP table."
I have tried to follow [KB2939] Exclude an IP address from IDS in ESET Windows home products (15.x – 16.x) but I don't have the zones this KB article talks about my layout of ESET is different to what is pictured in the KB article.
Is there a way to confirm that it is a legitimate functioning of Firewalla and not any malware?
Thanks
Paul
