Blocking NMAP port scan in the router

Unanswered Question
Jul 17th, 2007

Hi All,

We are trying to block NMAP portscan in our routers. Is there a way we would be able to deploy by using ACL's or even other suggestions would be greatly appreciated.

Thanks

Regards

Anantha Subramanian Natarajan

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
Jon Marshall Tue, 07/17/2007 - 09:50

Hi

You could use ACL whether they be reflexive as previous poster suggested or just extended but the problem you have is that if done properly an nmap port scan is very difficult to block without denying legitimate traffic.

Obviously firewalls will block ports but not the ones you open up and thats the main problem.

IPS/IDS on both the network and the host is the better way to approach this but even they are by no means foolproof.

Jon

anasubra_2 Thu, 07/19/2007 - 07:43

Hi Jon,

Thanks for the suggestion. We have an IDSM module and how to configure the same to detect the NMAP .

Thanking You

Regards

Anantha Subramanian Natarajan

Actions

This Discussion