Intrusion Detection System (ids) And Block Port Scan Attempts Options

Why the option "Block Port Scan Attempt" works not under IDS and available as a part of Firewall Module? Because when I turned off Firewall, IDS still remain ON but the "Block Port Scan Attempt" becomes inactive. And what option detects Network Attack which are not limited to port scan attempts?

Find more posts tagged with

Comments

Georgia

Hi ONT,

I guess you know by now that IDS is related to Active Virus Control, not to Firewall, although it's located under the Firewall settings (if you check previous Bitdefender versions like 2011, 2010 and older, you will notice that the Advanced configuration for Antivirus includes AVC and IDS, on the same panel).

This is why Block Port scans turns off when you disable the Firewall, but not the same happens with IDS.

coolcool1227

Hi ONT,

I guess you know by now that IDS is related to Active Virus Control, not to Firewall, although it's located under the Firewall settings (if you check previous Bitdefender versions like 2011, 2010 and older, you will notice that the Advanced configuration for Antivirus includes AVC and IDS, on the same panel).

This is why Block Port scans turns off when you disable the Firewall, but not the same happens with IDS.

Some information from old topic

http://forum.bitdefender.com/index.php?showtopic=32104

What I can understand that you designed the IDS for the system for inbound security, means IDS blocks malicious activity inside the system and can't block the intrusion from the outside unlike other vendors which design IDS for detecting malicious attack/activity for both way intrusions/attack etc. Also you claim that AVC + IDS = HIPS which is also not correct. Can debate on this more if you are interested.

coolcool1227

Any further comments?

coolcool1227

Any reply?