Jump to content

Detected Port Scanning Attack Whitelist?


hsmithjtek
 Share

Recommended Posts

Hi all,

 

We have a local server doing port scanning for inventory on our network and ERA is complaining about "Detected Port Scanning attack" on some clients for the IP address of that server. I can't find any business articles on how to whitelist an IP address from this alert. 

 

Any insight?

ESET Remote Administrator (Server), Version 6.5 (6.5.522.0)
ESET Remote Administrator (Web Console), Version 6.5 (6.5.388.0)

Windows Server 2012 R2 VM

Thank you.

Edited by hsmithjtek
adding details
Link to comment
Share on other sites

  • Administrators

You can exclude specific addresses from an IDS detection in the IDS exceptions setup (available in the policy editor too):

image.png

Alternatively you can right-click the appropriate record in the firewall log and select "Do not block similar events in the future":

image.png

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...