You are examining the firewall log file and see several entries that say, "Port Scan Attack!!!" You want more information on these entries.
By default, the Symantec Firewall/VPN Appliances (all models) prevent all access initiated from outside the protected network. Any outbound requests originating inside the protected network are allowed through the firewall, and inbound responses to these requests are passed back to the requestor. In this default state, any traffic that is directed at the external (public, or Internet-facing) interface of the SFVPN, is blocked.
If you configure the Virtual Server or Custom Virtual Server functions of the firewall, inbound traffic is allowed through on the ports you specify, and traffic is sent to the computers you specify.
In either scenario, the "Port Scan attack" log entry appears any time that there is inbound traffic to ports not specifically allowed to the external interface of the firewall. These notifications are informative and should not cause concern.
Imported Document Id
This is machine translated content
Login to Subscribe
Please login to set up your
For security reasons, your link to this document has expired. Please click on the attachment link to access this file.
The attachment that you are looking for no longer exists.
There has been an issue retrieving your attachment. Please try again.
Didn't find the article you were looking for? Try these resources.