I have recently installed LDMS 88 SP3 on a new server so fresh install fresh core, I have installed the remote console on the XP machines the service desk folks use, but now when they scan the network using unmanaged device discovery, it is making my IDS system scream as it seems to be going on on Port 22 for some reason and it shouldn't be from what I can tell, in my configuration for umanaged device discovery I am just using the recommended standard network scan and I specify an IP range, Does anyone have an input as to why when I do this scan it would try to go out to port 22
pure guess, but it may be checking the SSH port for OS fingerprinting/identification purposes ...
Why say you are guessing Paul, you are exactly correct.
You should exclude any network scanning devices, such as the Core Server, so packets from the Core Server are ignored by your IDS.
Submit a ticket with your network guys to get this done.