Jump to content

Archived

This topic is now archived and is closed to further replies.

hsmithjtek

Detected Port Scanning Attack Whitelist?

Recommended Posts

Hi all,

 

We have a local server doing port scanning for inventory on our network and ERA is complaining about "Detected Port Scanning attack" on some clients for the IP address of that server. I can't find any business articles on how to whitelist an IP address from this alert. 

 

Any insight?

ESET Remote Administrator (Server), Version 6.5 (6.5.522.0)
ESET Remote Administrator (Web Console), Version 6.5 (6.5.388.0)

Windows Server 2012 R2 VM

Thank you.

Share this post


Link to post
Share on other sites

You can exclude specific addresses from an IDS detection in the IDS exceptions setup (available in the policy editor too):

image.png

Alternatively you can right-click the appropriate record in the firewall log and select "Do not block similar events in the future":

image.png

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×