Port scan from DNS servers

I quite often get a log message about port scannes and that a host i s blocked.
When I check the IP adresses they are all from DNS serveren in my DNS servers list.

  1. Why do they do a port-scan, or are Comodo mis-interpreting things?

  2. How can I fix this (it’s not a good thing to block the DNS server for 5 minutes :slight_smile:

I’ve observed this type of behavior when using Process Explorer. Process Explorer resolves the IP connections of all running processes when Properties is opened for a process. This can involve a large amount of DNS queries & I’ve seen CFW misinterpret the DNS resolves returning as an UDP port scan (temporarily blocking the DNS).

Is yours also Process Explorer, or a similar type of process?

I have Process Explorer installed, but it’s not active when this happends :-/