Announcement

Collapse
No announcement yet.

how to prevent from port scan attack

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • how to prevent from port scan attack

    Hi All ,

    We are using SBS 2000 server , now when i am checking my event log , security log i am receiving the message that all port scan attack is detected by ip x.x.x.x , now how can i stop all this port scan attack , its 5 times in a day , as we are using exchange also on the same server , how can i improve mail security , as sometimes i am receiving mail from [email protected] ( Random mail id to my company mail id ) that you have purchased this things etc..and even i dont know receipant or not even sent any mails ever to them , so how can i stop this things also ...as i have stop telnet service to protect the misuse from out side ..but as we are using live ip and using mail service on this ip ...so how can i improve the security on this situation...

    Peter.

  • #2
    Re: how to prevent from port scan attack

    How is your server connected to the Internet? Even a cheap ADSL or Cable router can do port forwarding. Configure your router to only let ports 25, 80, 110, 443, 444, 1723, 3389 and 4125 through to your SBS at the MOST. Minimum are 443 and 4125, if you don't receive mail directly (needs port 25). That way the port scan will only be on the router and not on the server. Saves CPU cycles!!
    TIA

    Steven Teiger [SBS-MVP(2003-2009)]
    http://www.wintra.co.il/
    sigpic
    Iím honoured to have been selected for the SMB 150 list for 2013. This is the third time in succession (no logo available for 2011) that I have been honoured with this award.

    We donít stop playing because we grow old, we grow old because we stop playing.

    Comment


    • #3
      Re: how to prevent from port scan attack

      Hi ,

      Thanks for your great help !!one more thing i want to ask you is i have already stop telnet service even though i can able logged in to my server through out side via telnet "server_name" :25 , why its happen!!as i need to open port25 so that my users can send receive the mails from out side as i am publishing my exchange on internet ..but is it any way i can protect my server to get telnet by out side on port 25 ...

      Peter.

      Comment

      Working...
      X