Disable notifications of blocked port scans from, or whitelist, specific sources
Background: On my network I have a Unifi UDM Pro which on regular intervals port scans all devices on the network to see if a port is open somewhere that shouldn't be. On computers protected by Bitdefender this causes a notification of blocked port scan to pop up. For computer-savvy persons this popup is just annoying and tends to occur on the most inconvenient times, and for the other users this popup causes them to think that something bad is happening on the network.
New idea, option 1: Be able to create a list of port scan sources that will not cause the popup notification to show. The port scan will still be blocked and this is shown in the Bitdefender log, but you just don't get the popup notification.
New idea, option 2: Create a white list of sources allowed to perform a port scan. This way active security devices can inspect the devices protected by Bitdefender. This way malware and legit software installed in contradiction with local policy will not be protected by port scan blocks. (When Bitdefender blocks the port scan the port scan will fail to detect open ports by installed software not caught by Bitdefender.) The fact that a port scan was detected but allowed since the source was on the white list should be noted in the Bitdefender log.
Comments
-
I actually have the same issue with my UDMP, although the detection of the portscan actually disables the network access to the UDMP. I need to then disable/re-enable the Bitdefender firewall to clear it and then I can access the UDMP again.
I don't want to disable portscans on the UDMP. Is there a way we can set the address of the UDMP IP to allow/ignore the portscans from only that source?
0 -
I have a Firewalla Gold also doing port scan of all network devices. Each time BD detects a port scan, internet access is blocked for about 15-20 seconds on the affected host. It would be great if we could have either of the options described by @LapplandsCohan
0 -
I also have this issue! There needs to be a whitelist
0 -
Same issue here. I have a home automation that scans my network and I need it to be able to see my devices online. Bitdefender is giving me this annoying useless message and blocks my scans.
0 -
Same issue as @PurpleTurkey. I too have a Firewalla Gold however, it seems when it runs a port scan, my Internet is blocked completely until I reboot my PC or disable and re-enable the Firewall in BitDefender. I have disabled port scan for now which resolves the issue just without this added security benefit. It would be nice to have a port scan whitelist.
0 -
Hello @Legusol,
On the network issue, I have seen a couple of reports on the forum and this behaviour is currently being investigated by the developers:
Regards
Premium Security & Bitdefender Endpoint Security Tools user
0