Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

simple ids question - detecting scans

Can someone confirm that a Cisco NIDS will detect TCP or UDP portscans?

ie - if I have a internal host and someone is running a scanner (ie- NMAP) looking for open TCP or UDP ports... Will this log or trigger a signature on the IDS?

1 REPLY
New Member

Re: simple ids question - detecting scans

If you have a signature on the IDS to alert/log this as interesting traffic

if you have the sensor on the correct network segment

if you have the the sensor on a SPAN or Monitor port

If If If .....But yes it should. I use Super Scanner to test CSIDS after installation to ensure it is at least seeing and reporting obvious port scans.

89
Views
0
Helpful
1
Replies