Skip to main content

Port scanning.. should i be concerned ??

Comments

8 comments

  • smoge
    Report to your data center with logs
    0
  • keat63
    I actually called the server provider, to ask if these servers were anything to do with them, maybe DNS servers or similar. The guy confirmed that they are indeed their servers, but these are other customers servers. I've checked again this evening and it seems that CSF has blocked them permanently
    0
  • 24x7ss
    Block the IP's from which port scanning done. File Abuse complaint to your DC so that they have to take action on that servers.
    0
  • keat63
    i've reported them this morning. Thanks
    0
  • Serra
    As for the question, "Should you be worried?" No, you should not be worried. Port scanning is a very easy task for script using hackers. On a secure server, it really isn't all that useful or dangerous.
    0
  • quizknows
    Generally when I get reports like these in my data center, it is because the other customers have dropbox with the lansync feature enabled. Lansync sends out tons of broadcast traffic. Likely that's what it is; I'd just block them. You can be sure if your logs show port 17500 that it is dropbox and not intentionally malicious. I usually see it on windows servers, which is consistent with you seeing IIS.
    0
  • cPanelMichael
    ]I've checked again this evening and it seems that CSF has blocked them permanently

    Right, as mentioned, the scan itself is relatively harmless. Note that if you are concerned about overall security of your system, the Security Advisor is a good place to start: Security Advisor Thank you.
    0
  • keat63
    ]Right, as mentioned, the scan itself is relatively harmless. Note that if you are concerned about overall security of your system, the Security Advisor is a good place to start: Security Advisor Thank you.

    I'm still tweaking security advisor and csf, but still have a heck of a lot to learn.
    0

Please sign in to leave a comment.