Our IP address is being blocked because of a network scanner

5 pts.
Tags:
Access Points
Linksys Routers
Network Scanners
Network security
WLAN
WLAN access points
Hello We run a small business with about 20 clients on a lan and wlan architecture. We dont have a centralized management. We have about 10 engineers who are connected to a VPN. They are using a remote application located on a University Server. Today, I received a phone call from their IT manager. ''We are blocking your IP adress beacause it seems that someone in your network is scanning us with a network tool. I am wondering if its necessarily one of the VPN client. I mean what are the odds that one of the clients who dont know the ip of the University, is infected and starts a network scan... I have recomended a full install on all the client of malewarebytes... I dont know what to do more...I have a rv042 router and a wpn4410 access point. What more can I do to determinate the origins of the attacks. Thanks

Answer Wiki

Thanks. We'll let you know when a new response is added.

Check your log and events viewer files (VPN, LAN, and WLAN). If NAT is configured on the network, check the NAT log files. Your log and events viewer files is the good place to start your analysis because it keeps track of processes, transaction, etc.

But if you don’t have an enable log files, it will be difficult to determine. But as a general security rule, always block ports that you’re not using on the network.

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • carlosdl
    You are assuming that nobody is intentionally scanning the network, but you should consider that possibility as well. Vulnerability scanners are easy to find and download from the internet, and someone might be testing one against the univiersity's network.
    70,200 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following