A firewall alone cannot fully block port scanning activity. While firewalls can prevent unwanted access by filtering communication over risky ports, they have limitations. Firewalls only provide part of the protection needed and proper configuration by human administrators is still required. Additional security tools like intrusion detection systems are needed to monitor for attacks that get past the firewall.