Advice Request Gdata detect a port scan...

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

rainspell

Level 1
Thread author
Verified
Mar 18, 2018
20
Hi,

yesterday Gdata IS, I used since 2 weeks tells me a port scan was detected on my PC. It was he first time I see a message like this...
Since 20 years, none of the software I used, from KIS to Avast IS, detected something like that...

What should I do ?
Isn't a port scan usually the first step of an attack ?

Best regards,
rainspell
 

mekelek

Level 28
Verified
Well-known
Feb 24, 2017
1,661
Hi,

yesterday Gdata IS, I used since 2 weeks tells me a port scan was detected on my PC. It was he first time I see a message like this...
Since 20 years, none of the software I used, from KIS to Avast IS, detected something like that...

What should I do ?
Isn't a port scan usually the first step of an attack ?

Best regards,
rainspell
can you go there and make a screenshot of the log entry that is about this notification?
Ps1Ei2.png
 

rainspell

Level 1
Thread author
Verified
Mar 18, 2018
20
Hi,

the "funny" thing is that I wasn't able to find any log of this scan port...
Nothing was recorded on Gdata dashboard...
 

mekelek

Level 28
Verified
Well-known
Feb 24, 2017
1,661
Hi,

the "funny" thing is that I wasn't able to find any log of this scan port...
Nothing was recorded on Gdata dashboard...
I haven't seen something having a notification but no log entry with GData.
 

Mahesh Sudula

Level 17
Verified
Top Poster
Well-known
Sep 3, 2017
818
Nothing to worry...it's common with G data firewall since it's very paranoid after Dr web
The thing is when I ran Trend micro House Call to scan my pc..he detected the port scan as well...Kaspersky caught that too..;)

It's that that worried me a lot...
When an attacker uses Nmap or Wireshark around your region..depends on the impact of it..Since Even a Free firewall stealth ports to most extent...You are free from the trouble
 
Last edited by a moderator:

rainspell

Level 1
Thread author
Verified
Mar 18, 2018
20
Nothing to worry...it's common with G data firewall since it's very paranoid after Dr web
The thing is when I ran Trend micro House Call to scan my pc..he detected the port scan as well...Kaspersky caught that too..;)

Thanks for your answer :) Firewall is on optimal : it could be the explanation. On medium level, Gdata may have not report anything.
I will wait and see if it occurs again.
 

L0ckJaw

Level 19
Verified
Content Creator
Well-known
Feb 17, 2018
870
Do you have a hardware firewall in your router ? if so then that one blocks attacks too.
 
  • Like
Reactions: frogboy

rainspell

Level 1
Thread author
Verified
Mar 18, 2018
20
Do you have a hardware firewall in your router ? if so then that one blocks attacks too.

Yes, I am behind an hardware firewall ;-) But he is not as configurable as the Netgear router I used in the past : it is provided by my ISP.
 
  • Like
Reactions: frogboy

rainspell

Level 1
Thread author
Verified
Mar 18, 2018
20
I just found the log - it was in the firewall logs, I haven't checked...

"Un ordinateur distant a analysé les services Internet (ports) ouverts de votre ordinateur. Le pare-feu a bloqué cette attaque.
Info réseau:
Réseau : Wi-Fi 2
Ordinateur distant : 172.217.19.46 (United States) (mrs08s03-in-f14.1e100.net (United States))"

In fact, I think there's nothing to worry about. A quick look at Whois : IP adress is one of Microsoft.
Good to see a firewall detect and block a legitimate request that some others AV will have let pass.
In matter of privacy Gdata seems to be very good:love:
 
D

Deleted member 65228

A false positive is not a good thing
Case by case basis.

With a firewall it could be helpful because it shows the firewall component is a bit sensitive which means it could also aid in preventing a more sophisticated attack which would have surpassed other vendors who have a more strict firewall.

The downside is it is only helpful if you are already knowledgeable and experienced.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top