Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
Blocking Netscan/port scans?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Blocking Netscan/port scans? (Read 5373 times)
cguilford
Full Member
Posts: 130
Karma: 15
Blocking Netscan/port scans?
«
on:
July 12, 2018, 04:38:03 pm »
I'm curious if there is a way to auto block port scanning? Some kind of stealth mode maybe? What I'm seeing in my logs is a bunch of deny's which is great, but seems I'm often being hit on port 23 (denied).. which is of course telnet, and I don't have it open same for rdp ports and many others that are always being hit by the same ip over and over. I'm assuming it's a botnet trying to find a way in or someone trying to brute-force. I see there is intrusion detection which I turned on then the next day turned off because it seemed to cut my internet speed from 400mb to like 40mb? Maybe that's a configuration issue? Any help is greatly appreciated.
Logged
marjohn56
Hero Member
Posts: 1701
Karma: 179
Re: Blocking Netscan/port scans?
«
Reply #1 on:
July 12, 2018, 09:23:34 pm »
There is no way to stop another system from scanning your ports, your best defense is a firewall.
I use various blocklists and geo blocking to keep them at bay. When I see an ip address that tries to attack through my few open ports, it gets added to my plonker list and that's the end of that.
Logged
OPNsense 24.7
-
Qotom Q355G4
- ISP -
Squirrel 1Gbps
.
Team Rebellion Member
- If we've helped you remember to applaud
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
Blocking Netscan/port scans?