Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Enabling features found during penetration testing

I received this from the vendor doing penetration testing:

Exposure Description:

Port scanning is a process by which services such as web servers and mail servers are determined to exist or not exist. Intruders employ automated port scanning utilities that work fast to determine the existence of services on an Internet connection. Most firewalls have the ability to block such fast port scans as they occur deceiving an attacker into believing that no ports or services are available on the targeted Internet connection. Since this information does not lead to any direct system compromise or theft of data, it receives a medium threat rating.

Solutions:

1. Consult the vendor or provider of your firewall or IDS/IPS product for details on how to setup port scan blocking.

I am running IPS 7.0 on my ASA5510 device. Is port blocking active by default on this or do I have to do something? (Sorry for the newbie question).

153
Views
0
Helpful
0
Replies
CreatePlease to create content