Since i see no option to totally disable the auto blocking of port scanning hosts, wouldn’t this be hampering firewall testings via sites like securityspace and grc?
Wouldn’t that be the idea of it?
Why would you want to use a port scanning site like GRC if you are going to turn off the firewall. If you do, what sort of results are you expecting from the post tests?
No i wasn’t clear lol not turning off the firewall, but the auto blocking of port scanning host for x amount of time. in order to test the firewall actual blocking of port scans and not the blocking of certain IP.
Crank the traffic rate and probing rate settings up to 999. This is a greater duration that the online tests of GRC or similar sites and shouldn’t trigger the auto host blocking and allow the tests to complete.
You should have been able to complete the tests without modifying these settings.
Also, if you are behind a router, the port scanning tests will be reporting the results of scanning your router, unless you have port forwarded all ports to your internal IP address.
Hope this helps,
I actually did pass the securityspace.com tests with flying colors without changing those settings, i was just wondering if by just blocking the specified IP was the actual workings and rules i set, In any case that is a great idea, thanks panic.