Security

  • Thread starter Thread starter PuppyGumDrop
  • Start date Start date
P

PuppyGumDrop

15 September 2003

165 port attack attempts - reported and blocked by Norton
Internet Security and site tracked to Symantec ?

Symantec - No comment!

6 DSO Exploits while updating security. Found by SpyBot.

Email from Australian Taxation Office informing me I had
sent them the SobigF Worm. I have never e-mailed them.

Norton Internet Security Firewall and Anti Virus disabled.

Log on to my Internet Service Provider password changed.

The letter W scanning registry ????

All within 1 week of owning this new system and as I
thought, secure as I could be.

16 September 2003

Late News Australia Channel 10 just reported
Australian Defense Department computers attacked by Sobig
Worm.

What hope does the average user have.

PuppyGumDrop
 
* PuppyGumDrop said:
15 September 2003

165 port attack attempts - reported and blocked by Norton
Internet Security and site tracked to Symantec ?

Symantec - No comment!
Click to expand...

Why would they make a comment? It wasn't coming from them or you
misinterted the log file.

6 DSO Exploits while updating security. Found by SpyBot.

Email from Australian Taxation Office informing me I had
sent them the SobigF Worm. I have never e-mailed them.
Click to expand...

You may not have but did a virus on your computer send it? Also they
spoof the address too so if your machine is clean and didn't send it the
return address could still be yours.
Norton Internet Security Firewall and Anti Virus disabled.
Click to expand...

It happens. Not necessarily a sign of anything nasty.

Log on to my Internet Service Provider password changed.

The letter W scanning registry ????
Click to expand...

Letters are scanning your registry??
All within 1 week of owning this new system and as I
thought, secure as I could be.

16 September 2003

Late News Australia Channel 10 just reported
Australian Defense Department computers attacked by Sobig
Worm.

What hope does the average user have.

PuppyGumDrop
Click to expand...

Yours seems to be pretty average nowadays. Either turn off logging,
which can open other problems, or learn how to read them. Port scanning
is a way of life on the net, one infected machine looking to infect
others, if it's blocked don't worry about it your firewall did what its
supposed to.

Jason
 
Why would they make a comment? It wasn't coming from them or you
misinterted the log file.
Click to expand...


Symantec are now trying to help all they can.
You may not have but did a virus on your computer send
Click to expand...
it?

I have not had a virus or trojan found on my computer.

Also they
spoof the address too so if your machine is clean and didn't send it the
return address could still be yours.
Click to expand...

Well that's a nice warm secure feeling - was very warm
when I got the email from the Taxation Office..
disabled.

It happens. Not necessarily a sign of anything nasty.But it left me unprotected. And by the time I saw that it
had been disabled it was too late.
Just that I have never had that happen before.
Letters are scanning your registry??
Click to expand...

Just the letter W sitting there. No *.exe/com just W

Finally found it in the registry under run and deleted
the key.
Then Symantec LiveUpdate magically kicked in downloaded
16megs of URL security updates.

Yours seems to be pretty average nowadays. Either turn
Click to expand...
off logging,

Well it is a sad state of affairs if I am only average
now. lol
which can open other problems, or learn how to read them.
Click to expand...

My computer guy today suggested I rip the phone lines out.

Port scanning
is a way of life on the net, one infected machine looking to infect
others, if it's blocked don't worry about it your firewall did what its
supposed to.
Click to expand...

Thankfully after the W incident everything seems to be
working fine as of this moment ;-)

Thanks Jason,

PGD
 
* PuppyGumDrop said:
Symantec are now trying to help all they can.

it?

I have not had a virus or trojan found on my computer.

Also they

Well that's a nice warm secure feeling - was very warm
when I got the email from the Taxation Office..

disabled.

It happens. Not necessarily a sign of anything nasty.
But it left me unprotected. And by the time I saw that it
had been disabled it was too late.
Just that I have never had that happen before.


Just the letter W sitting there. No *.exe/com just W

Finally found it in the registry under run and deleted
the key.
Then Symantec LiveUpdate magically kicked in downloaded
16megs of URL security updates.


off logging,

Well it is a sad state of affairs if I am only average
now. lol


My computer guy today suggested I rip the phone lines out.

Port scanning

Thankfully after the W incident everything seems to be
working fine as of this moment ;-)

Thanks Jason,

PGD
Click to expand...

lol, it sounds like something was trying to updated itself but was
buggered up somehow. Yep your computer guy is correct, yank the damn
wire. :-) I had to switch off logging on the common wintendo exploits
as the log file was getting to big for the little 2g drive in my
firewall.

It unfortinualy doesn't get much better for folks knocking on your
computer door, it oddly enough seems to follow the cycle of higher
education. Schools in attempts go up, schools out attempts go down. Nice
to see that they're spending thier time learning. ;)

Jason
 
Back
Top