[isalist] Re: All port scan attack

• From: "Steve Moffat" <steve@xxxxxxxxxx>
• To: "ISA Mailing List" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 27 Apr 2006 18:08:07 -0300

Normally whatever you are comfortable with. Just monitor it for a few
weeks and modify to your preference.

 

Remember also your ISP may be scanning for server services on your
network if it's not a business internet account.

 

S

 

________________________________

From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Neil Cassidy
Sent: Thursday, April 27, 2006 6:03 PM
To: ISA Mailing List
Subject: [isalist] All port scan attack

 

I probably set these settings to low, as I see daily numerous port scans
from various IP, but often from an IP range that is my ISP.  Does anyone
else use this and what are the settings you use.  I believe I set it to
10 ports before classifying it as an "attack".  Is this too low?

• References:
  • [isalist] All port scan attack
    • From: Neil Cassidy

Other related posts:

• » [isalist] All port scan attack
• » [isalist] Re: All port scan attack
• » [isalist] Re: All port scan attack

1. Home
2. isalist
3. Archive
4. 04-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---