Re: port scans

Rick <rick0.merrill@xxxxxxxxxxxxxxxxxx> writes:

Depending on how you are providing that ftp server out to the internet

What do you mean by "how you provide"?

i.e. Is your server plopped into your DMZ by way of sonicwall
configuration, or are specific ports forwarded from the external IP to
a single or subset of ports on the internal IP of the ftp server?

How you are providing ftp service will affect how port scans will
display to you.

(or any other services) will determine how much port scanning you will
see. And naturally, your ability to see the port scan requires some
sort of software being able to identify a port scan as such.

Ok, I'm not seeing "port scans" as much as I am seeing attempted

Poor choice of subject for the thread then? :-)

- which the Sonicwall stops quite nicely, thank you.

Well, then I guess there's no problem then, you're welcome. :-)

More constructively, though the upshod here is that access attempts
and port scans should be quite expected on any internet facing IP

What's not clear to me, though, is whether that explains what you're
seeing in your logs adequately. Your question never mentioned whether
the FTP server was the only externally facing service you were
providing, for instance.


Relevant Pages

  • RE: FTP and ISA setup
    ... Please follow the instruction described on the following KB to enable external clients to access your FTP server. ... Local port: Fixed port ... Change the EnablePortAttack value to 1. ...
  • RE: Some technical errors
    ... If the SMTP server is not running on port 25 TCP it is not a public ... Manager - Computer Assurance Services BDO Chartered Accountants & ...
  • Re: Managing "capabilities" for security
    ... default tickets are held by the kernel and can be chosen by the parent ... The default ticket for any particular call is assumed unless the ... than to check that the server address on the ticket is good. ... the kernel had to invoke the RPC if the service port IN YOUR ...
  • RE: FTP Proxy
    ... You're right about the server specifying the port -- I ... to get to a single specific outside FTP server. ... And allowing PASV mode means you can't do that with a simple packet ...
  • Re: FTP port number
    ... >I'd like to create a little FTP server for a few clients of ours. ... > avoid using the port 21 for security reasons. ... Are you sure that's really a good security measure? ... Hiding a server like that is really not all that strong of a security ...