hsmithjtek 0 Posted May 16, 2018 Share Posted May 16, 2018 (edited) Hi all, We have a local server doing port scanning for inventory on our network and ERA is complaining about "Detected Port Scanning attack" on some clients for the IP address of that server. I can't find any business articles on how to whitelist an IP address from this alert. Any insight? ESET Remote Administrator (Server), Version 6.5 (6.5.522.0) ESET Remote Administrator (Web Console), Version 6.5 (6.5.388.0) Windows Server 2012 R2 VM Thank you. Edited May 16, 2018 by hsmithjtek adding details Link to comment Share on other sites More sharing options...
Administrators Marcos 4,935 Posted May 16, 2018 Administrators Share Posted May 16, 2018 You can exclude specific addresses from an IDS detection in the IDS exceptions setup (available in the policy editor too): Alternatively you can right-click the appropriate record in the firewall log and select "Do not block similar events in the future": Link to comment Share on other sites More sharing options...
Recommended Posts