AnsweredAssumed Answered

Continuous Monitoring for Ports Exposed to Internet

Question asked by Santhosh Meesala on Nov 15, 2018

I'm trying to set up a rule for monitoring/alerting on newly opened ports on Internet Facing servers being exposed to Internet. I've created a scan schedule with external scanners for the same. However, I'm seeing a lot of alerts coming in for this (specifically on UDP ports nothing on TCP so far). Is there any suggestion on specific ports to look out or to further tweak the rule so that we get alerted only for certain ports which are actually vulnerable?