NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Armor vulnerability scan triggers temporary blacklisting on my NAS
The Armor vulnerability scanning feature is nice and a useful add-on, however: when it scans my NAS, the NAS interprets it as an attack and blocklists it for a few minutes... which then Armor interprets being blocked as having successfully detected a vulnerability. Is there a way to tell Armor to leave my NAS alone? I hesitate to whitelist the router on my NAS.
2 Replies
Hi mthome,
Curious to know, is Armor blocking the NAS every time there is a vulnerability scan and does it only happen on that particular NAS?
Thanks,
Christian
As far as I can tell, every vulnerbilty scan results in the NAS box putting the router in the doghouse for a few minutes (The NAS logs report a possible attack) and then the router reporting the fact that it was blocked as evidence of a successful DOS/overflow vulnerability. I understand and even approve of what both devices are doing, but, for instance, when my commercial ASV scanner runs against our production resources, I can tell the vendor to throttle their probes or stop making a particular attack on a specific host. Whitelisting is the wrong answer, just like I'd never tell my production servers "oh, don't worry about those DMZ hosts - they're totally never going to be owned."
