VNC Software port scanning clients
Updated: 14 Sep 2010 | 3 comments
I have finally found the software that is scanning our machines on our network. I'm in desperate need to solve this problem because I have the boss on the case.....brilliant......On the home tab of our SEPM is showing attacks on our network of 300 plus and I'm pretty confident its all to do with the VNC software we use.I know the local and remote ports that are scanning and being scanned. How can I stop these reports appearing on the home tab and block the constant port scanning that is going.
Thanks for your time
discussion Filed Under:
Comments
Try adding an exception for
Try adding an exception for VNC in the Centralized Exception policy.
See "Configuring a centralized exception for the TruScan proactive threat scans" -
http://seer.entsupport.symantec.com/docs/331009.htm
Best,
Thomas
Unsuccessful Centralized Exception
I've tried adding any detected risks but still having reports of port scanning. I know the ports which are being scanned and the clients that are performing the scanning. They are own machines but aren't any risk. It is our two ICT suites withing our school which are doing the scanning, but I'm unsure of what is performing the scanning. I tried looking at various applications that may have performed the scan. Running netstat -b displayed a list of applications but none that I was looking for. Any more ideas would be greatly appreciated :D
Regards Chris Kellow
Can you give a screen shot of
Can you give a screen shot of the reports...
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
Would you like to reply?
Login or Register to post your comment.