Community Forum

Comcast Port Scanning and work computer treat as attack

New Poster

Comcast Port Scanning and work computer treat as attack

I've spent in total 10+ hours talking to tech support/network security from my own company, and customer support from Comcast, I think I finally figured out the issue, but there is no solution yet. I am hoping I can get some help from this site, if possible. 

 

The issue is that when I work from home with my work computer and connect to my home wifi, the symantec endpoint protection program popups a message saying 'port scan is logged', and another popup saying 'IP address blocked for 600 seconds...'. After numerous conversations with network security engineer from my company, they find out that Comcast is continuously scanning my port, and this is treated as an attack by symantec and thus blocks my IP address. 

 

I talked to 4 different technicians from Comcast, including one manager, none of them had any knowledge about what I was saying. What's worse is that they have given me different and random answers.

1. The first person told me that they can disable the port scan, and did that for me. But in fact, he enabled bridge mode for my wifi and my wifi was not broadcasting at all. He had no idea what was port scan.

 

2. The second person I talked to, i asked them to enable the wifi and tried to confirm if I can check if there is any port scan option somewhere. The lady had no idea, and just told me the router may have some issue, so she scheduled a technician to replace the router for me. She told me the appointment was that afternoon. But she actually scheduled 3 days later....

 

3. I called another person to check the appointment, and ask the port scan issue. He had no idea, so I requested to talk to his manager.

 

4. The manager was a lady, and she had no idea what is port scan. She went away to ask someone else, and came back to tell me that there is nothing they can do on their end. And asked me why I need to scan my port !!!!,  which I feel really frustrated that after 30 minutes, she didn't understand what was going on. I tried to talk more, and then she just told me that 'I'll send you an email' and stopped the phone call. Obviously there was no email.

 

5. So now I am unable to work from home because of this (and I can work from library and from McDonald's or starbucks with their wifi). What can I do to fix this? My company's engineer asked me to figure out why Comcast is attacking my home wifi, and there was only solution to fix the problem: try a different internet server. Is this the only solution? How Comcast trained their technicians? 

 

Thanks to you all.

New Poster

Re: Comcast Port Scanning and work computer treat as attack

My Bitdefender just stopped 3 port scans tonight from Comast.  The IPv6 address they used was 2601:0981:C280:6460:7C60:492B:BC95:94CB.  I have no idea why Comcast has to scan my ports, as I do not own or rent any comast equipment. I only use them for internet service but use commercially available modems and routers, so they really have no business checking my ports.