Hi Rkim,
I only HTTPS and ping are allowed into my untrusted zone. A
For exzample when I do an NMAP intenese scan and scan to scan my SRX for any open ports I see ports such as 311 TCP opened.
I don't have those ports listed in my destination NAT rules or in my firewall rules. I am assuming NMAP can see it opened because the SRX is a stateful firewall.
Is there a way to block theses port scans? I tried setting my screen option to block port scans but it doesn't work I can still see ports opened.
Please let me know if there is something I can do.
Thanks
Graham