Norton Internet Security 2004 - Program Control alert

[Pinot Grigio]

Help Please...........New PC ! P4, 3.0Mhz, XP PRO; IE6, OE6
I am being bombarded with Program Control messages - a dozen in a row then a
few minutes later another lot.
They are all the same format:
High Risk
A remote system is attempting to access your computer
Details:
Time
Date
Protocol: TCP (Inbound) sometimes UDP (Inbound)
Remote Address: 81.178.235.78 : 1834 (a real one)
Local Address : Me (I presume)
Location : Home
I block them all (as recommended) and tick "Always use this action".

I don't seem to be able to find out what they are. There is no alert
assistant. They are in none of the logs.

I am finding them by going to Personal Firewall - Advanced tab - then
General. These General Rules are really helpful (LOL). Like:
InboundTCP
Block, Direction: Inbound, Computer: Specific, Adapter:Any,
Communications: Specific, Protocol: TCP
The only info I get here is the Single Address IP and the local port
blocked. It does ask me what category this rule belongs to!

The remote addresses are always different.
How do I stop this happening. It is driving me mmaaaaadddd!

 

[Carey Frisch [MVP]]

Visit the following Symantec Security Check website and
perform a thorough security scan:

http://security.symantec.com/ssc/ho...d=symnis2003&plfid=23&pkj=UTZQESLHFEPGEVVSDUX

--
Carey Frisch
Microsoft MVP
Windows XP Shell/User

------------------------------------------------------------------------------------------------


| Help Please...........New PC ! P4, 3.0Mhz, XP PRO; IE6, OE6
| I am being bombarded with Program Control messages - a dozen in a row then a
| few minutes later another lot.
| They are all the same format:
| High Risk
| A remote system is attempting to access your computer
| Details:
| Time
| Date
| Protocol: TCP (Inbound) sometimes UDP (Inbound)
| Remote Address: 81.178.235.78 : 1834 (a real one)
| Local Address : Me (I presume)
| Location : Home
| I block them all (as recommended) and tick "Always use this action".
|
| I don't seem to be able to find out what they are. There is no alert
| assistant. They are in none of the logs.
|
| I am finding them by going to Personal Firewall - Advanced tab - then
| General. These General Rules are really helpful (LOL). Like:
| InboundTCP
| Block, Direction: Inbound, Computer: Specific, Adapter:Any,
| Communications: Specific, Protocol: TCP
| The only info I get here is the Single Address IP and the local port
| blocked. It does ask me what category this rule belongs to!
|
| The remote addresses are always different.
| How do I stop this happening. It is driving me mmaaaaadddd!

 

[James Martin]

Unfortunately, there is no way to stop them from occurring,
you can only block them. I'm not too familiar with
NIS2004, but you need to just turn off notification for
those particular attacks. Go to the Norton newsgroups (if
they have them) and ask how. Ideally you want to lock down
all your ports, and open only the ones you use. Also, try
using the built in XP Firewall in addition to using NIS2004.

As for what they are--they are most likely either hackers,
or machines that are under the control of hackers. Someone
will exploit a security hole, install an app that's only
purpose is to replicate by exploiting that hole in other
pcs, etc, etc. Once thousands of machines are infected,
the originator can use them for whatever they want and most
users have no idea that this is occurring.

Just keep your windows updated, use the firewalls, and use
anti-virus and you should be fine, but don't fret about all
the attempted accesses, it's not worth being put in the
asylum over . Another good option is a hardware firewall
in the form of a router. They're cheap these days, and
work by creating a private network in your home. If you
have a decent one (I use a D-link wireless router) you
would not recieve any of that garbage.

Regards