A scanning is always the first step of a malware to infect other hosts, or a hacker to intrude your system. Network administrators should also pay attention to the port scanning. If a host send a group of TCP SYN packets to a target host continuously in a short time, it is recognized as a TCP port scan.
If there is any item in this tab, you should go deep into the packet level to check out if the host is doing a harmless scan. If you are not sure and the source host is in your network, you should check out whether it's infected with any worm of left any backdoor. But if the source is remote, you should figure out whether your firewall is secure enough to prevent the attack.
TCP Port Scan will be recognized against their default threshold values, you can customize these values to let Capsa find out the problems more accurately in your network, read Security Analysis Settings for details.
|
Back |
| Copyright © 2001 - 2011 Colasoft. All rights reserved. |