What is the purpose of Norton360 QuickScan scanning the local network by generating huge amount of TCP & UDP packets towards the PC’s default Gateway? Norton makes a scan that a hacker would normally do scanning for: HTTP(S), SSH, TELNET, MySQL, and many many more to locate if these services are enabled on the default gateway. First of all it triggers the IDS system to flag intruders and secondly it is not what I would expect from a PC being protected against exactly this pattern by Norton 360. In reality what difference does it make if a gateway has a service running - in what way will Norton make use of this information to protect the PC? I would like to understand the purpose of this intrusive behavior.