Tolete Posted July 20, 2021 Author Share Posted July 20, 2021 Hi Team I have in the Kaspersky Report the alert of “ Scan.Generic.PortScan.UDP 192.168.1.221:7 worm” and I would like to know if it’s real attack or if is it an error or false positive ?Kaspersky Version for server is 10.1.2.996Thanks Link to comment Share on other sites More sharing options...
Vimaro Posted July 21, 2021 Share Posted July 21, 2021 Dear user,Thanks for your post. From admin perspective, you should take a look of timestamp for that event and check internally with other colleagues if someone used a Port Scan application like NMAP, WireShark or any other. Check the field “Attacking computer IP”. If there is an internal address, this could be an FP. Link to comment Share on other sites More sharing options...
Recommended Posts