NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

steveoelliott's avatar
Nov 01, 2016
Solved

Readynas 526X - Network Access Whilst Resync

Hi all,   Today i've been setting up my new ReadyNAS 526X. I've destroyed the original volume and now created a RAID-6 one which is in the process of resyncing.   Whilst this is ongoing, I've bee...
  • steveoelliott's avatar
    steveoelliott
    Nov 01, 2016

    All I have solved this myself... It seems Symantec Endpoint Detection blocks the device due to a suspect port scan. See this in logs:

     

    Somebody is scanning your computer.
    Your computer's UDP ports:
    61393, 61783, 50935, 57172 and 64028 have been scanned from 192.168.10.21.

     

    Somebody is scanning your computer.
    Your computer's UDP ports:
    54855, 58387, 56777, 60113 and 54196 have been scanned from 192.168.10.21.

     

    The client will block traffic from IP address 192.168.10.21 for the next 600 seconds (from 01/11/2016 17:03:22 to 01/11/2016 17:13:22).

     

    According to: https://support.symantec.com/en_US/article.tech165237.html

     

    The SEP firewall detects the behavior as port scan attack if the same IP address accesses more than 4 ports within 200 seconds.

    It is not unknown for legitimate software to act in a way which triggers this event. (It all comes down to the way in which the software is designed to function and communicate.) Administrators should monitor their networks and grow to recognize what is expected and unexpected within their domain. 

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More