On Thu, May 10, 2012 at 8:56 AM, Todd Lemmiksoo <[email protected]> wrote: > The company installed NMAP on our Exchange server and > started a scan. Our firewall saw this as an attack and > shut down traffic to/from the Exchange server.
Network scans are often used by attackers, and thus often seen as hostile actions, and thus firewalls are often configured by default to take counter-measures against them. > What would have been a better tool for the consultant to use > in stead of NMAP. Or should they have done a better job of > configuring the NMAP scan. None of the above. They should have coordinated their scan with your network security team. (They prolly shouldn't have used your production Exchange server for a network scan, either.) Your network security team then should then have configured your firewall to make an exception for the machine doing the scan. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
