The Outbound Security Reports says that certain protocols are not filtered. Does that mean someone is connecting to that?

RapidFire Tools
Network Detective
Security Assessments

The security scan does not look at what is actively listening or connecting to but rather what potentially can be connected to. It means that the firewall should be set to block things like MS RPC and such. What we do is have a listening server that listens and connects to all protocol ports. The data collector will attempt to connect to our listener. If we can, then the firewall is not filtering that protocol in particular.

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Contact us

Browse this section

External Vulnerability Scan Interference
Where are the Insecure Listening Ports listed in the Reports?
Outbound Security Report - User Controls explained
The Outbound Security Reports says that certain protocols are not filtered. Does that mean someone is connecting to that?
What are CPE, HOST-T and IT-Grundshultz ports on the Vulnerability Scan Detail report?
Why are we limited to 50 IP addresses when scheduling an External Vulnerability scan?
Does the website section of the security report mean someone is visiting those sites?
How often are external vulnerability scan definitions updated?
What is the purpose of the Outbound Vulnerability Report?
Data Breach Liability - What does the PII scan look for?