
Blocking NMAP port scan in the router

anasubra_2
Level 1

Hi All,

We are trying to block NMAP port scans on our routers. Is there a way we would be able to do this by using ACLs? Any other suggestions would also be greatly appreciated.

Thanks

Regards

Anantha Subramanian Natarajan

4 Replies

mhellman
Level 7

This is a question probably better suited for the firewall forum. nmap supports numerous types of port scanning. You might consider using reflexive ACLs:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7c3.html

Thank you very much

Regards

Anantha Subramanian Natarajan

Jon Marshall
Hall of Fame

Hi

You could use ACLs, whether they be reflexive as the previous poster suggested or just extended, but the problem you have is that, if done properly, an nmap port scan is very difficult to block without denying legitimate traffic.

Obviously firewalls will block ports, but not the ones you open up, and that's the main problem.

IPS/IDS on both the network and the host is the better way to approach this but even they are by no means foolproof.

Jon
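The detection approach mentioned in the reply above, sketched as an added example that is not part of the original thread or any poster's code: it flags sources that are denied on many distinct destination ports within a short window, reading router ACL deny logs. It assumes the deny entries carry the `log` keyword so the router emits `%SEC-6-IPACCESSLOGP` messages; the function name, thresholds and sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Matches IOS ACL deny records, e.g.
# "... 10:00:01 rtr1 %SEC-6-IPACCESSLOGP: list 101 denied tcp 1.2.3.4(4000) -> 5.6.7.8(22), 1 packet"
LINE_RE = re.compile(
    r"(\d\d):(\d\d):(\d\d) .*%SEC-6-IPACCESSLOGP: list \S+ denied (?:tcp|udp) "
    r"(\d+\.\d+\.\d+\.\d+)\(\d+\) -> (\d+\.\d+\.\d+\.\d+)\((\d+)\)"
)

def find_scanners(lines, window=60, min_ports=5):
    """Return {src: most distinct (dst, port) targets denied within `window` seconds}
    for sources reaching `min_ports`. Thresholds are illustrative assumptions."""
    events = defaultdict(list)  # src -> [(seconds_of_day, (dst, port))]
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # not an ACL deny record
        h, mi, s, src, dst, port = m.groups()
        events[src].append((int(h) * 3600 + int(mi) * 60 + int(s), (dst, int(port))))
    flagged = {}
    for src, evs in events.items():
        evs.sort()
        best = 0
        for i, (t0, _) in enumerate(evs):
            # Count distinct targets in the window starting at this event.
            targets = {tgt for t, tgt in evs[i:] if t - t0 <= window}
            best = max(best, len(targets))
        if best >= min_ports:
            flagged[src] = best
    return flagged

# Constructed sample log (documentation address ranges), not taken from the thread.
SAMPLE = [
    f"Mar  1 10:00:{i:02d} rtr1 %SEC-6-IPACCESSLOGP: list 101 denied tcp "
    f"198.51.100.7(4{i:04d}) -> 192.0.2.10({p}), 1 packet"
    for i, p in enumerate([21, 22, 23, 25, 80, 110, 443, 3389])
] + [
    # A client retrying one closed port: many denies, but only one target.
    f"Mar  1 10:0{i}:00 rtr1 %SEC-6-IPACCESSLOGP: list 101 denied tcp "
    f"203.0.113.20(5000{i}) -> 192.0.2.10(8080), 1 packet"
    for i in range(6)
]

if __name__ == "__main__":
    print(find_scanners(SAMPLE))
```

Only denied packets are logged, so probes against ports the ACL permits never reach this check, which is the limitation the reply describes.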

Hi Jon,

Thanks for the suggestion. We have an IDSM module. How do we configure it to detect NMAP?

Thanking You

Regards

Anantha Subramanian Natarajan
