This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject

zone protection

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

zone protection

Westcon2
L3 Networker

‎10-10-2014 12:07 PM

How do we block synfin port scan.

Labels:
0 Likes Likes
14 REPLIES 14

ssharma
L5 Sessionator

‎10-10-2014 12:14 PM

You can configure zone protection on your outside zone or zone that you are more concerned about.

zone_protect.JPG

You can define various action. In above example, I have asked firewall to block source IP for 300 secs if that ip is trying to scan the tcp port. You can customize the alert and threshold as well. Hope this helps. Thank you.

0 Likes Likes

bat
L5 Sessionator

‎10-10-2014 12:17 PM

Westcon2

Have you tried the syn flood or TCP port scan in zone protection profile ? Is it not working for synfin port scan ?

0 Likes Likes

Westcon2
L3 Networker
In response to bat

‎10-10-2014 12:33 PM

I have applied zone protection policy and it is set on alert.

I tried to port scan using nmap. however i could not see any hits using the command show counter global name flow_parse_l4_tcpsynfin.

Is there any way to see the zone protection logs.

0 Likes Likes

hshah
L6 Presenter

‎10-10-2014 12:34 PM

Hi Westcon,

Zone Protection has ability to block port scan. You can find all relevant configuration in following link.

Understanding DoS Protection

Let us know for additional granular information.

Regards,

Hardik Shah

0 Likes Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks