Why is there a large amount of Port Scanning Prevention Filter entries in F-Secure firewall blocks.log?

header {margin:52px 0 0 0} #dropdownnavi {float:left; clear:both; margin: -2px 0 20px -12px;} header .row {width:100%} header .row:nth-child(1) {background-color:#0014a0} header .container, footer .container {max-width:1172px; margin: auto;} .top-header {height:53px;} .bottom-header {height:52px;} .Header-logo {width: 10%;float: left;} .Header-logo img {width: 105px; margin: 11px 8px 8px 16px;} .header-top-links {float: right; margin: 1px 29px 0 0;} .header-top-link, .header-bottom-item {cursor: pointer; display: inline-block; font-size: 14px; font-weight: 400; line-height: 52px; margin: 0 15px; position: relative; text-align: center; } .header-top-link, .header-bottom-item a {text-decoration:none;} .header-top-link {color: #fff; margin: 0 10px 0 12px;} .header-top-link.active {margin-right:12px} .header-top-link.active::after {width: calc(100% + 30px)!important} .header-top-link.active::after, .header-top-link:hover::after {background: #fff;} .header-bottom-link {color: #1e1e1e;} .header-bottom-item .header-bottom-link {margin:0 15px} #homeLink {margin-left:1px} .kb-lang-title {width:100%;text-align:center;font-weight:600;color:black; margin:0} .header-right {float: right; margin: 10px 48px 0 0; padding: 3px; height: 30px; border-radius: 3px;} #signin {margin-top:5px} #signin a {text-decoration: none; color:#1e1e1e; } .signin-icon {float: left; height: 20px; padding: 0 5px 20px 0;} #profiledropdown {padding: 2px; border-radius: 3px; margin-top: -3px;} #profiledropdown:hover {cursor:pointer; background-color:#0014a0} #profilename #profileicon {background: #dfdfdf; border-radius: 25px; width: 28px; height: 28px;} #profile-menu ul {list-style: none; padding-left:0} #profile-menu ul li {padding:10px 0 10px 20px;font-size: 15px;} #profile-menu ul li:hover, #articleslink p:hover, #dashboardlink p:hover {cursor:pointer; background-color:#efefef;} #profile-menu ul li a {text-decoration:none; color:#1e1e1e} #profile-menu hr {border:1px solid #efefef} #articleslink hr, #dashboardlink hr {margin:0} #articleslink .title {padding: 0;text-align: center; font-weight: 600;} #articleslink p, #dashboardlink p {padding:10px 0 10px 20px;} #articleslink p a, #dashboardlink p a {text-decoration: none; color:#1e1e1e;} #articleslink .draftslink:hover, #dashboardlink p:hover {padding: 10px 0 10px 20px;} .header-coveosearch {position: relative; margin-top: -53px;} .header-search {display:inline-block;padding:15px 0 0 0;} .searchboxtoggle {color:white;} .header-searchcontainer {float: right; margin:0 18px 0 0; height:52px} .search-icon {color:white;} .expand {display:inline-block;} .collapse {display:none;} .searchboxtoggle .opensearch-icon, .searchboxtoggle .closesearch-icon {cursor:pointer;height:26px; width:26px; vertical-align: middle; filter:invert(1)} .header-searchbox {height:52px;} #kbsearch {display:block;margin: 0 0 0 auto; height:53px; box-sizing: border-box; border: 1px solid white; font-size: 14px; padding: 14px 0 10px 15px;} header-searchbox.active, #kbsearch:focus {width: 100%; transition: 1s ease-in-out;} .Footer {background:#f6f6f6;color:#555a62;font-size:16px;line-height:1.5;padding:18px 0; border-top:1px solid #c4c4c4} .Footer .footer-logo-wrap .footer-logo {height: auto; max-height: 32px; width: auto; margin-top:20px} .Footer .col {padding:0 0 0 15px;width: 20%; font-size: 13px; display: table-cell; vertical-align: top;} .Footer .footer-links-wrap {padding-bottom: 15px; border-bottom: 1px solid #c4c4c4;} .Footer .footer-links-wrap .col:nth-child(2), .Footer .footer-links-wrap .col:nth-child(3), .Footer .footer-links-wrap .col:nth-child(4) {border-right:1px solid #c4c4c4} .Footer .col ul {list-style: none;} .Footer .col:nth-child(2) ul {padding: 0;} .Footer .col ul li a {color: #1e1e1e; text-decoration: none;} .footer-link-title {text-transform: uppercase; color: #1e1e1e;} .footer-link-subtitle {font-size:14px; color: #1e1e1e; max-width:95%} .footer-icon {float: left; height: 30px; padding: 0 10px 60px 0;} .col-copyRight a, .social-icons-wrap a {display:inline-block; padding:5px 0; text-decoration: none; color: #1e1e1e; } .social-icons-wrap {float:right} .Footer a:hover, .Footer .col ul li a:hover {color:#0014a0} footer.Footer .row.bottom-row {padding-top:5px} footer.Footer .row.bottom-row .col.col-copyRight * {font-weight:400} social-link:hover {cursor:pointer} social-link:hover svg {fill:#0014a0} #signin .header-bottom-item.header-bottom-link {display:inline-block; margin-top: -16px;} #signin a:hover {color:#0014a0} footer.Footer .row.footer-links-wrap .col.footer-links .footer-link, footer.Footer .row.bottom-row .col.col-copyRight, footer.Footer .row.bottom-row .col.col-copyRight * {color: #9e9e9e;} footer a:hover {color:#0014a0!important} @media screen and (max-width:991px){ header {margin:0} header .row:nth-child(1) {height:64px} .Header-logo img {margin: 17px 8px 8px 16px;} .Hamburger-border {position: absolute; right: 60px; border-left: 1px solid #fff; height: 64px; width: 50px; top: 0; z-index: 20; border-right: 1px solid white; padding-right: 10px;} .Hamburger {display:block;position: absolute; top: 8px; left: calc(100% - 52px); z-index: 20;-webkit-box-align: center; -webkit-box-pack: center;-webkit-user-select: none; align-items: center; background: transparent; border: none; border-radius: 0;cursor: pointer;justify-content: center; outline: none;transition: .35s;} .Hamburger-menuXcross {height: 25px; padding: 0; width: 26px;} .Hamburger-menuLines {-o-transition: .35s;-webkit-transition: .35s; background-color: #fff; border-radius: 2px; display: inline-block; height: 2px; position: relative; transition: .35s; width: 26px;} .Hamburger-menuLines::before {top: 6px; } .Hamburger-menuLines::after {top: -6px;} .Hamburger-menuLines::after, .Hamburger-menuLines::before {-ms-transform-origin: 5.5px center;-o-transition: .35s;-webkit-transform-origin: 5.5px center;-webkit-transition: .35s;background-color: #fff;border-radius: 2px; content: ""; display: inline-block; height: 2px;left: 0;position: absolute;transform-origin: 5.5px center;transition: .35s;width: 26px;} .sr-only {position: absolute !important;width: 1px !important;height: 1px !important;padding: 0 !important;margin: -1px !important;overflow: hidden !important;clip: rect(0,0,0,0) !important;border: 0 !important;} .Hamburger-menuXcross.isToggled .Hamburger-menuLines::before {-webkit-transform: rotate(45deg); transform: rotate(45deg);} .Hamburger-menuXcross.isToggled .Hamburger-menuLines::after {-webkit-transform: rotate(-45deg);transform: rotate(-45deg);} .Hamburger-menuXcross.isToggled .Hamburger-menuLines::after, .Hamburger-menuXcross.isToggled .Hamburger-menuLines::before {-ms-transform-origin: 50% 50%;-webkit-transform-origin: 50% 50%;background-color: hsla(0,0%,100%,.6); left: 0;top: 0;transform-origin: 50% 50%;width: 26px;} .Hamburger-menuXcross.isToggled .Hamburger-menuLines {background: transparent;} .isToggled .Hamburger-menuLines {-webkit-transform: scaleX(1);transform: scaleX(1);} #signin {text-align:center; margin: auto; color:white} #signin a {text-decoration: none; color:white;} .header-top-links, .bottom-header {display: none} .header-coveosearch {margin-top:0} .header-searchcontainer {color: white; text-align: right; margin: 8px 18px 0 0;} .header-search { padding: 11px 0 0 0; width: 60px; margin: auto; display: block; position: absolute; right: 17px; top: 8px;} .searchboxtoggle {color:white} .header-searchbox {position: absolute; right: 60px; top: 0; width: 300px;} #kbsearch {height:66px} .banner-middleContainer_f1l0wf96 {box-shadow: inset 0 10px 10px -10px #000;} #homeLink, #helpForumsLink, #FaqsLink, #userguidesLink, #supportLink, .header-right {width:100%; text-align: left; margin: 0; } #userguidesLink, #supportLink {border-top: 1px solid #dfdfdf;} #helpForumsLink, #FaqsLink {margin: 0 0 10px 25px;} .top-header-link {text-transform: uppercase; font-weight:700; color:#1e1e1e; font-size:14px; padding:15px 15px; line-height: 2em;} #dropdownnavi .top-header-link {margin: 3px 0 0 10px;} .header-bottom-link::after {background:none;} .header-bottom-item .header-bottom-link {margin:0 10px} .depth-1-list, .depth-2-list, .depth-3-list {list-style: none; margin: 0; padding:0 0 0 40px} .kb-lang-title {text-align:left;} #menu-dropdown {margin-top: -20px;} #kb-menu-dropdown .depth-2-list.open {padding-left:30px} .depth-1-list a, .depth-2-list a, .depth-3-list a {color:#1e1e1e} .smdropdown-alt {line-height: 0; margin:0 padding: 0 0 10px 0;} .smdropdown-link {color:#acacac!important; font-style: italic;} .depth-1-list, .depth-2-list, .depth-3-list {display: none; margin: -20px 0 20px 0; padding: 0 0 0 15px;} .header-right {float: right;padding: 8px 0; height: 30px; border-radius: 0; box-shadow: 0 3px 5px #1e1e1e; background:#0014a0; text-align: right;} #profiledropdown {width: 30px; float: right; margin-right: 40px} #profiledropdown:hover {background: none} #profiledropdown:hover #profile-menu {display: none} #profileicon {margin-top:2px} #profile-menu {display: none; position: absolute; left: 5%; background: white; width: 90%; text-align: left; z-index: 400; border: 1px solid #dfdfdf; border-radius: 3px; box-shadow: 0 5px 5px #dedede;} .open {display: block;} .Footer .col {display: block; width:90%; padding: 0 20px 15px 20px} .Footer .col.col-copyRight, .Footer .col.col-social {width:90%} footer .container {width:95%} .col.footer-logo-wrap {text-align: center;} .col-copyRight a, .social-icons-wrap a {padding: 10px 0 0 0;} .Footer .footer-links-wrap .col:nth-child(2), .Footer .footer-links-wrap .col:nth-child(3), .Footer .footer-links-wrap .col:nth-child(4) {border-bottom:1px solid #c4c4c4; border-right:none} a.dropdown-1-title, a.dropdown-2-title, a.dropdown-3-title {color: #8a8a8a; font-style: italic;} .signin-icon {display: none;} #signin .header-bottom-item.header-bottom-link {margin-top: -10px;} } @media screen and (min-width:992px){ .Hamburger, .dropdownnavi .top-header-link, #userguidesLink, #supportLink, .smdropdown-alt {display: none;} .bottom-header {display: block;} .header-top-link::after {background: #fff;} header .row:nth-child(2) {background-color:white; box-shadow: 0 3px 5px rgba(0,0,0,0.1);} .depth-1-list, .depth-2-list, .depth-3-list {list-style: none; margin: 0; padding-left: 0; box-shadow: 0 4px 4px rgba(0,0,0,.1);} .depth-1-item, .depth-2-item, .depth-3-item {padding-left:15px; border-bottom:1px solid #dfdfdf; position: relative;} .depth-1-item a, .depth-2-item a, .depth-3-item a {color: #1e1e1e;} .header-bottom-link::after {background: #0014a0;} .header-top-link.active::after, .header-top-link:hover::after, .header-bottom-link.active::after, .header-bottom-link:hover::after {bottom: 0; content: ""; display: block; height: 5px; left: -15px; margin: auto; position: absolute; width: calc(100% + 35px);} .header-bottom-link.smdropdown:hover, .header-bottom-link.smdropdown.active {color:#0014a0} .header-searchbox {position:absolute;top:0;right:60px; margin:0; z-index: 200; } .header-searchbox.active {width:500px;transition: 1s ease-in-out;} #kbsearch {width:350px;} #menu-dropdown, #kb-menu-dropdown {position: absolute; z-index: 100; background: white; text-align: left; margin: 1px 0 0 -15px;} #menu-dropdown, #kb-menu-dropdown .depth-1-list {width:280px} #kb-menu-dropdown .depth-2-list {width:350px!important} #profile-menu {position: absolute; z-index: 100; background: white; width: 350px; text-align: left; width:260px; margin: 0 0 0 -230px; border: 1px solid #c4c4c4; border-radius: 5px; box-shadow: 0 4px 4px rgba(0,0,0,.1);} #menu-dropdown, #menu-dropdown .depth-2-list, #menu-dropdown .depth-3-list, #kb-menu-dropdown, #kb-menu-dropdown .depth-2-list, #profile-menu {display:none;} #helpForumsLink:hover #menu-dropdown, #FaqsLink:hover #kb-menu-dropdown, #profiledropdown:hover #profile-menu {display: block;} #menu-dropdown .depth-1-item:hover .depth-2-list, #menu-dropdown .depth-2-item:hover .depth-3-list, #kb-menu-dropdown .depth-1-item:hover .depth-2-list { display: block; left: calc(100%); background: #fff; border: 1px solid #c4c4c4; position: absolute; top: 0; width: 100%;} #kb-menu-dropdown .depth-1-url {margin:0} #menu-dropdown .depth-1-item:nth-child(3) .depth-2-list, #menu-dropdown .depth-2-item:hover .depth-3-list {top:-1px} .depth-1-item:hover, .depth-2-item:hover, .depth-3-item:hover {pointer:cursor;background-color:#f8f8f8} #helpForumsLink .depth-1-item:hover .depth-1-url, .depth-2-item:hover .depth-2-url, .depth-3-item:hover .depth-3-url, #kb-menu-dropdown .depth-2-item:hover .depth-3-url {color:#0014a0} #FaqsLink .depth-1-item:hover, #FaqsLink .depth-1-item:hover .depth-1-url {cursor:default} .header-right {float: right; margin: 8px 15px 0 0; padding: 3px; height: 30px; border-radius: 3px;} #profiledropdown {padding: 2px; border-radius: 3px; margin-top: -3px;} #dropdownnavi {margin: -1px 0 0 -13px;} #dropdownnavi .top-header-link, .dropdown-1-title, .dropdown-2-title, .dropdown-3-title {display:none} .header-bottom-link.smdropdown {line-height:53px} #signin {display:flex; margin: 1px -12px 0 0} #signin .header-bottom-item.header-bottom-link {margin-top:-14px; height:54px} #signin span {margin-top: 3px;} .signin-icon {padding: 4px 0 20px 0;} .header-bottom-link.smdropdown:before {content:url("data:image/svg+xml;utf8,<svg version='1.1' xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' width='26px' height='18px' xml:space='preserve'><g><path fill='none' stroke='%23010101' stroke-width='2' stroke-linecap='round' stroke-linejoin='round' stroke-miterlimit='10' d='M13.014,14'/></g><g><path fill='%23010101' d='M13,16c-0.256,0-0.512-0.098-0.707-0.293l-3-3c-0.391-0.391-0.391-1.023,0-1.414s1.023-0.391,1.414,0L13,13.586l2.293-2.293c0.391-0.391,1.023-0.391,1.414,0s0.391,1.023,0,1.414l-3,3C13.512,15.902,13.256,16,13,16z'/> </g> </svg>")!important;float: right;} #helpForumsLink:hover .header-bottom-link.smdropdown::before, #FaqsLink:hover .header-bottom-link.smdropdown::before, .header-bottom-link.smdropdown:hover::before {content:url("data:image/svg+xml;utf8,<svg xmlns='http://www.w3.org/2000/svg' width='26px' height='18px' fill='%23010101'><path d='M16,16c-0.256,0-0.512-0.098-0.707-0.293L13,13.414l-2.293,2.293c-0.391,0.391-1.023,0.391-1.414,0s-0.391-1.023,0-1.414l3-3c0.391-0.391,1.023-0.391,1.414,0l3,3c0.391,0.391,0.391,1.023,0,1.414C16.512,15.902,16.256,16,16,16z'/></svg>")!important;} .depth-1-item:before, #helpForumsLink .depth-2-item:before {content:url("data:image/svg+xml;utf8,<svg xmlns='http://www.w3.org/2000/svg' width='26px' height='18px' fill='%23010101'><path d='M12,17c-0.256,0-0.512-0.098-0.707-0.293c-0.391-0.391-0.391-1.023,0-1.414L13.586,13l-2.293-2.293c-0.391-0.391-0.391-1.023,0-1.414s1.023-0.391,1.414,0l3,3c0.391,0.391,0.391,1.023,0,1.414l-3,3C12.512,16.902,12.256,17,12,17z'/></svg>");float:right;} .depth-1-item:hover::before, #helpForumsLink .depth-2-item:hover::before {content:url("data:image/svg+xml;utf8,<svg xmlns='http://www.w3.org/2000/svg' width='26px' height='18px' fill='%23010101'><path d='M14,17c-0.256,0-0.512-0.098-0.707-0.293l-3-3c-0.391-0.391-0.391-1.023,0-1.414l3-3c0.391-0.391,1.023-0.391,1.414,0s0.391,1.023,0,1.414L12.414,13l2.293,2.293c0.391,0.391,0.391,1.023,0,1.414C14.512,16.902,14.256,17,14,17z'/></svg>")!important;} }

Why is there a large amount of Port Scanning Prevention Filter entries in F-Secure firewall blocks.log? - F-Secure Community

Issue:

This article applies to the following F-Secure products: F-Secure Client Security 14.x / 15.x, F-Secure PSB Computer Protection, F-Secure Server Security 14.x, F-Secure PSB Server Protection

I am seeing a lot of the following entries in the firewall blocks.log:


[xxxx.xxxx]  I: Type: FWPM_NET_EVENT_TYPE_CLASSIFY_DROP. Dropped by filter: Port Scanning Prevention Filter, This filter prevents port scanning. This many times means there are no listeners. If debugging ensure your scenario has one.

The connection parameters vary, with different local/remote ports and IP addresses. Do I need to modify my firewall rules for these massages to disappear?

Resolution:

These log entries are associated to the Stealth mode mechanism in Windows Firewall with Advanced Security. It is a built-in functionality, which silently drops outgoing ICMP unreachable and TCP reset messages, to prevent port scanning. This functionality reacts when there is no process listening on the port, which is targeted by the incoming request/traffic.

You can refer to this Microsoft Technet article for more information about this functionality.

Article no: 000012637