Recommended Response To Port Scans?
I have BIS 2013 on my PC, to protect my ADSL2+ connection, and I seem to be getting frequent port scans. At least, I'm getting frequent reports from BD that a port scan has been detected and blocked.
Am I adequately protected, or is there something more I need to do? I understand I can create a rule denying the IP address the scan originates from, but there are so many of them, from different addresses! I'd be creating two or three new rules every day. Is BIS' action against these adequate?
I'm also prompted to ask: what actually generates port scans? I know what they are, but the PC they originate from — they can't all be active hackers, surely? I assume it's automated in some way, because I'll often get multiple scans from the same IP address at regular time intervals for several hours. Is it generated by a virus? More to the point, how do they find *my* IP? Does it mean I have some trojan I haven't detected that's putting out some kind of request for connection? Or do scanners typically sweep a whole range of IP addresses, trying to find a connection? I've tried to ask my ISP, but they were really useless.
Thanks for any help.
Comments
-
Hello
A product update was released. Your build should be 16.24.0.1682(please right click on Bitdefender icon from system tray-near the clock-and choose "About". You should see in the left side the build number).
In order for the product update to be installed, you need to reboot your machine(you should see in the Events -> "Reboot required" under the Update module).
Changelog:
http://forum.bitdefender.com/index.php?sho...st&p=164968
http://forum.bitdefender.com/index.php?showtopic=35499
Let me know if the situation is solved.
Have a nice day.0