Results 1 to 2 of 2
  1. #1
    Newbie
    Join Date
    Oct 2018
    Posts
    2

    Default IPS not logging Nmap scan

    Hello- I may be missing the point but am not understanding this behavior. I have upgraded to 14.1.0xxx and have the processing power and memory so have turned on all 6 of the default installed IPS rules. So far, so good, seems to be working fine, but tonight I ran a zenmap “intense scan plus UDP” against my external IP where the Untangle UTM sits at its edge, from a separate machine completely outside the target’s domain. The untangle IPS didn’t log, block, flag, anything related to the scan, as though it didn’t notice it. The source IP nor any of its hops were logged by the IPS. The scan showed the expected open ports on the UTM (80, 443, etc.) Shouldn’t the IPS at least log these port scans using the stock signatures/rulesets? Thanks!

  2. #2
    Master Untangler cblaise's Avatar
    Join Date
    Jul 2014
    Location
    Burlington, VT
    Posts
    133

    Default

    Thanks for the feedback. We'll look into it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2