# Help, TCP Null Scans



## workdog (Apr 7, 2008)

Well I am not sure if I need to be concerned or not. I am getting an aweful lot of TCP Null Scans being logged by my Firewall. From what I have found by searching, it would appear that this is a type of Hack and someone is trying to gain access to our servers. So far it looks like our firewall is blocking these. 
Is there a way I can make these stop?
Can I report this to anyone?
Is this a bigger concern than I am thinking it is? 
Need some guidance please.


----------



## blues_harp28 (Jan 9, 2005)

Hi and welcome to TSG.
Just to check run a firewall test.
http://www.hackerwatch.org/probe

http://www.grc.com/lt/leaktest.htm


----------



## workdog (Apr 7, 2008)

Okay, after I run the port scan, what do I do. It shows ports closed but unsecure. These ports appear to be ones related to programs that would need them the way they are. I am wondering what to do to "stop" or "cancel" the TCP Null Scan requests being sent, or if possible to tell if they got into my network. What are my next steps?


----------



## blues_harp28 (Jan 9, 2005)

Hi if the firewall test is showing no open ports then the TCP Null Scans are not being allowed to send or receive any data.

"Is there a way I can make these stop?
Can I report this to anyone?"
No to both..your Firewall is doing it's job.
You can spend a lot of time checking what your Firewall is doing but it can make you paranoid [trust me I know]


----------



## workdog (Apr 7, 2008)

So it sounds like my firewall is doing what it is supposed to do?
Thank you very much for your help.


----------



## blues_harp28 (Jan 9, 2005)

:up:
You no doubt have up to date Anti-virus and Spyware programs installed?
I had to ask.


----------



## workdog (Apr 7, 2008)

Yes we do. I try to moniter it daily if not weekly to make sure the DAT files are updating accordingly.


----------



## blues_harp28 (Jan 9, 2005)

You could add an online scan once a week just to double check.
Trendmicro


----------

