Cisco Support Community

New Member

Blocking NMAP port scan in the router

Hi All,

We are trying to block NMAP port scans in our routers. Is there a way we would be able to deploy this by using ACLs? Any other suggestions would also be greatly appreciated.

Thanks

Regards

Anantha Subramanian Natarajan

4 REPLIES
Gold

Re: Blocking NMAP port scan in the router

This is a question probably better suited for the firewall forum. nmap supports numerous types of port scanning. You might consider using reflexive ACLs:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7c3.html
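A reflexive ACL of the kind suggested in the reply above, as an added example that is not part of the original post or the linked guide. The interface name, the ACL names, the timeout value, and the published web server at 192.0.2.10 are assumptions chosen for illustration:

```cisco
! Constructed example: Serial0/0 is assumed to be the outside (untrusted) interface.
! Idle timeout in seconds for temporary reflexive entries (assumed value).
ip reflexive-list timeout 120
!
! Outbound: every session started from the inside creates a temporary
! mirror-image entry in the reflexive list SESSIONS.
ip access-list extended OUTBOUND
 permit tcp any any reflect SESSIONS
 permit udp any any reflect SESSIONS
 permit icmp any any reflect SESSIONS
!
! Inbound: only the deliberately published service and return traffic for
! sessions recorded in SESSIONS are allowed. Unsolicited probes to any other
! port fall through to the final deny and are logged.
ip access-list extended INBOUND
 remark Published HTTPS server (assumed address from the documentation range)
 permit tcp any host 192.0.2.10 eq 443
 evaluate SESSIONS
 deny ip any any log
!
interface Serial0/0
 ip access-group OUTBOUND out
 ip access-group INBOUND in
```

The published port still answers any scanner, so this narrows what a scan can see rather than blocking scanning as such. Traffic originated by the router itself does not create reflexive entries, and protocols that change ports mid-session (active FTP, for example) do not work through them.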

New Member

Re: Blocking NMAP port scan in the router

Thank you very much

Regards

Anantha Subramanian Natarajan

Hall of Fame Super Blue

Re: Blocking NMAP port scan in the router

Hi

You could use ACLs, whether they be reflexive as the previous poster suggested or just extended, but the problem you have is that, if done properly, an nmap port scan is very difficult to block without denying legitimate traffic.

Obviously firewalls will block ports, but not the ones you open up, and that's the main problem.

IPS/IDS on both the network and the host is the better way to approach this but even they are by no means foolproof.

Jon

New Member

Re: Blocking NMAP port scan in the router

Hi Jon,

Thanks for the suggestion. We have an IDSM module; how do we configure it to detect NMAP?

Thanking You

Regards

Anantha Subramanian Natarajan
