Daily Port Scans -- Multiple Routers

Toggle sidebar Toggle sidebar
N

networkmage

Distinguished
Dec 31, 2015
30
0
18,530
I have a sonicwall set up behing a prosafe Netgear router. The prosafe has a good firewall and security settings.

What I do not understand is why the Sonicwall firewall logs show multiple port scans and intrusion attempts from outside IP's daily, that target all of my vlans/subnets? How are they scanning my interior private network and ports when the Prosafe router should be stopping all of that at WAN.
 
Sort by date Sort by votes
this mostly use as a firewall and not a simple router system ( VPN Firewall ) we you look at link you see this this and not a router with switch so you will have to check the set up in so you wont have to use also soniwall to filter the same thing . stay around someone else might have use this .
 
Upvote 0 Downvote
The scan more than likely is coming from a internal machine.

I can't even think of a way to intentionally allow it to happen. By default all inbound traffic will be dropped because the NAT does not know who to send the traffic to. If you were to put in a DMZ then a single machine could be port scanned because all the ports map to that machine.

Since there is only 1 port 80 as a example a outside attacker can really only scan that port 1 time, it would not be possible to scan a bunch of different internal machine on port 80 because there is only a single IP address on the WAN side.
 
Upvote 0 Downvote
That makes sense...because I see lots of my internal IP's dropping each-other all over the place.

But When most of the port scans occur, in the logs, on all routers, including the Sonicwall, the source IP's show up as outside IP's not internal, that's what I do not understand..and this is happening behind the Netgear Prosafe router(main router) on the Sonicwall logs and separate wireless subnet router logs..all showing outside IP's (china..russia..etc) scanning or dos attempt.

 
Upvote 0 Downvote
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom