摘要 |
Browser-based port scanning attacks in a Local Area Network (LAN) are prevented. A security device in the LAN intercepts a message from a first device in the LAN towards a second device in the LAN, the message requesting connection between the devices. The security device prompts a user of the first device to approve the connection. In the event that the user does not give approval, the connection attempt is terminated. If the connection is the result of a browser port scanning attack, the user will not approve the connection since they did not initiate it. In other embodiments the connection may be approved if it does not originate from a known browser (S6, fig. 2), or if the addresses of websites used at the first device within a predetermined time period are contained in a white-list of trusted websites (S7), or if an address bar of a browser at the first device contains a trusted address (S8). |