cfirpo_FTNT
Staff
Article Id 196222

Description

 
This article describes how to block the NMAP port scanner, a popular tool for network administrators and attackers alike. As the name implies, it scans a network for open ports and IPs, providing a basic map of the infrastructure. Attackers can then use that map to design an exploit.
 
Scope
 
FortiGate.


Solution

 
There are two choices to protect a network from being scanned.
 
  1. Block the 'Portmap' signature in application control, and then apply application control on all internet-facing policies.
    Refer to 'Blocking applications with custom signatures'.

  2. Configure a Denial of Service Policy and set the threshold low enough to block an NMAP scan. Refer to the administration guide for information on how to configure a DoS policy.
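A DoS policy of the kind described in option 2, shown as an added example that is not part of the original article: it enables the port-scan and sweep anomalies with the block action on an internet-facing interface. The interface name "wan1", the policy ID 1 and every threshold value are assumptions and must be adapted to the environment.

```fortios
# Added example, not from the original article.
# Assumptions: "wan1" is the internet-facing interface, policy ID 1 is unused,
# and the threshold values below are placeholders to be tuned.
config firewall DoS-policy
    edit 1
        set interface "wan1"
        set srcaddr "all"
        set dstaddr "all"
        set service "ALL"
        config anomaly
            # TCP SYN rate from a single source IP (TCP port scan)
            edit "tcp_port_scan"
                set status enable
                set log enable
                set action block
                set threshold 50
            next
            # UDP session rate from a single source IP (UDP port scan)
            edit "udp_scan"
                set status enable
                set log enable
                set action block
                set threshold 50
            next
            # ICMP rate from a single source IP (host discovery sweep)
            edit "icmp_sweep"
                set status enable
                set log enable
                set action block
                set threshold 20
            next
        end
    next
end
```

Baseline legitimate traffic on the interface before lowering the thresholds, and keep logging enabled so that blocked sources can be reviewed for false positives.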

 

Related article:

Technical Note: How to set up application control on v5.2.