The system records all suspicious service scan attempts, including invalid registrations and unauthorized calling attempts. All suspicious attempts are logged (saved in a file), so that we can periodically updated suspicious IPs list in the firewall.