You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
First I apologize in advance, since I am not a networking expert. This issue has been reported by my webhost. It appears from the logs that every time I attempt to download (via drag & drop) from the host to my laptop using Cyberduck, that a port scan is performed. I researched Port Scan, and found that it is either a standard technique or indicative of an "attack". Either way, the webhost is disallowing this currently and blocking the IP.
I have don more research and another webhost has commented that many PC's are infected with port scanning software, and that the practice of blocking IP's is "overkill" and may not be warranted for a commercial server.
Having said that, is Cyberduck Port Scanning in "open new connection" or "use browser connection" modes, or at all? If so, is this standard practice or is it considered now "bad practice"? (If so then this may be a "bug".) If Cyberduck is not performing a "port scan" then some other software is detecting a download action (it appears from the logs, and I will look into this myself).
Either way, the host has currently define "port scan" as "bad" and auto-blocks the IP, which essentially prevents Cyberduck from functioning. So this is either a "overzealous webhost", "clever 3rd party malware which I cannot detect", or a "bug.
Actual Log of Event:
lfd.log:Apr 15 18:24:39 jdz3 lfd[25954]: *Port Scan* detected from 70.184.167.204 (US/United States/wsip-70-184-167-204.hr.hr.cox.net). 11 hits in the last 227 seconds - *Blocked in csf* for 3600 secs [PS_LIMIT]
The text was updated successfully, but these errors were encountered:
First I apologize in advance, since I am not a networking expert. This issue has been reported by my webhost. It appears from the logs that every time I attempt to download (via drag & drop) from the host to my laptop using Cyberduck, that a port scan is performed. I researched Port Scan, and found that it is either a standard technique or indicative of an "attack". Either way, the webhost is disallowing this currently and blocking the IP.
I have don more research and another webhost has commented that many PC's are infected with port scanning software, and that the practice of blocking IP's is "overkill" and may not be warranted for a commercial server.
Having said that, is Cyberduck Port Scanning in "open new connection" or "use browser connection" modes, or at all? If so, is this standard practice or is it considered now "bad practice"? (If so then this may be a "bug".) If Cyberduck is not performing a "port scan" then some other software is detecting a download action (it appears from the logs, and I will look into this myself).
Either way, the host has currently define "port scan" as "bad" and auto-blocks the IP, which essentially prevents Cyberduck from functioning. So this is either a "overzealous webhost", "clever 3rd party malware which I cannot detect", or a "bug.
Actual Log of Event:
The text was updated successfully, but these errors were encountered: