docricePremium
join:2008-03-31
Fremont, CA | Xmas port scan involves an "odd" packet that is intentionally sent to an address where the packet's IP header has certain "unusual" flags set on it. Depending on the IP stack on the receiving host, it responds (or not) in a certain way which allows the originator to determine host characteristics.
This is very common on interfaces facing the Internet directly and it's not something you can stop. Port scans are a fact of life like pollution outside your home's front door.
A "PSK port scan" presumably is just detected attempts of someone trying to associate using an encryption key based on an incorrectly computed pairwise master key. Someone within radio range is probably trying different pre-shared key values to see if they can tap into your wireless connection. |
 SYNACKJust Firewall ItPremium,Mod
join:2001-03-05
Venice, CA
Networking
Virtual Private Ne..
Netgear
ZyXEL
| reply to jp_smart
First of all the Xmas port scan apparently came from the WAN, not via wireless. What arrives there is out of your control, so there is nothing you can do except ignore it. There is no danger. Do you forward any ports?
What is the make and model of your router. Most cheap routers have relatively primitive detection algorithms, so it might even well be a false positive. Can you give the full log entry (source IP, destination port, etc.) |
