Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Configuring TCP Port Scan Attack Screen

This topic describes how to configure detection of a TCP port scan attack.

A port scan occurs when one source IP address sends an IP packet containing TCP SYN segments to a defined number of different ports at the same destination IP address within a defined interval.

To enable detection of a TCP port scan attack:

  1. Configure interfaces and assign an IP address to interfaces.
  2. Configure security zones trustZone and untrustZone and assign interfaces to them.
  3. Configure security policies from untrustZone to trustZone.
  4. Configure security screens and attach them to untrustZone.
  5. Configure syslog.
  6. Commit the configuration.