Endpoint Protection

 View Only

  • 1.  How to exclude an IP (Vulnerability Scanner) from being detected as a port scan

    Posted Nov 15, 2013 01:25 PM

    Hello All,

    We are running a vulnerability scan from the IP "10.150.12.93", however, the endpoint security is detecting this as an attack (port scan). How I can exclude the IP 10.150.12.93 from being detected as an attacker (false positive) since this is something intentional to detect existings vulnerabilities?

     

    HowToExcludeAnIpAddress.png

     

    Thanks,
    Bruno

     

     



  • 2.  RE: How to exclude an IP (Vulnerability Scanner) from being detected as a port scan

    Posted Nov 15, 2013 01:35 PM

    See here

    Setting up a list of excluded computers

    Article:HOWTO81159  |  Created: 2012-10-24  |  Updated: 2013-10-07  |  Article URL http://www.symantec.com/docs/HOWTO81159

     



  • 3.  RE: How to exclude an IP (Vulnerability Scanner) from being detected as a port scan

    Posted Feb 22, 2014 02:31 PM

    Do you need more assistance with your problem or were you able to get it resolved?

    If you could post an update for followers of this thread that would be most helpful.

    Otherwise, if resolved, you can close the thread out by clicking the "Mark as solution" link at the bottom left on the most helpful post. If multiple posts helped to solve your problem, please click the "Request split solution" link at the bottom left, select the most helpful posts and click the "Submit" button. This will benefit admins looking for a resolution to the same problem.

    Thanks and take care,
    Brian