• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Need to ban IP address for port scanning or multiple failed ftp/rdp logon attempts

I

imported_nunya

Senior member
So I've been on the phone and web all day now trying to find a piece of hardware or software to do this. I need something that will recognize a port scan and block that IP, and also recognize repeated ftp/rdp logon attemps and block those. I'm looking for something under 1k, so far the only things I've found are a 5k cisco box and a 9k juniper box. If anyone has a suggestion I'm open to just about anything.
 
Why not just keep all ports blocked that aren't being used?

Is it always coming from the same IP?? If so, just deny that IP in your ACL.

It would help if you gave more information -- How is the network set up? Is this some home network with a SOHO router, or a corporate, or what?
 
move the router remote management port to a higher nonstandard port, and protect it with a strong password.
Only open ports when you need to use them.
 
This is what is known as Internet background noise.

Some more details would be helpful.

In otherwords, what are you really trying to do here and what is the network evironment.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top