1. Home
  2. Networking Firewalls
  3. Newbie with Norton Personal Firewall - Help Please

Newbie with Norton Personal Firewall - Help Please

Personal Firewall: You were last attacked on: July 31,2004 8:27am Recent Intrusion attempts: 3 Most frequent attacker: and gives the isp number.

Last night I had checked and I was attacked like 20 times.

What my question is is am I being "attacked" in the way that they are stealing info from me. And if so how do I enable my Norton Firewall to STOP THIS.

I mean I have the damn thing on, I'm "blocking" popup windows saying someone is trying to get to my computer. What else do I need to do?

Please, help. Symantec.com's "tech support" is crap. Thank you sooooo much for any input. xoxo, Maidstone

Reply to
Maidstone
Loading thread data ...

That is precisely why I dumped Norton's and installed ZoneAlarm. So far Norton's has lost 5 of my customers because they would not support me.

Now to answer your question, you seem to be well protected, Norton stopped 20 attacks, that is good. You need to look at the firewall log to see what was trying to enter your PC, that will tell if it was just a ping on your connection, or an active hacker.

The best way to find out how well you have Norton configured is to go back to their web site and allow them to scan your communications ports. There are two important reports to look at and they are in the advance reports; all ports blocked, and Stealth Ports. Just because a port is blocked does not mean a hacker will not try to enter, he will bang away trying to find an entrance, but a Stealth Port makes the port inviable to the hackers, if he doesn't know it exists he can't try to get in.

Michael

Reply to
Michael

I will just repeat what others have said. You weren't "attacked." 3 hits or 20 hits is not an attack. It's background noise. THIS is an attack:

formatting link
What you are seeing is wrong numbers, lost packets, and random probes from Trojans installed on infected machines. As long as they are being blocked, don't sweat it, and ignore the misleading hyperbole from Symantec. Symantec is run by salesman, not engineers.

I would enable logging and disable the alerts. You can study the logs at your leisure and see what you are happily missing on the internet.

Reply to
"Crash" Dummy

That "crap" about attemps is just that. The firewall is blocking port scans from other IP addresses. They *could* be malicious attemps, but more than likely, they are not. Just ignore those statistics. There is nothing you can do about them, anyway. Open a cold one, sit back and have a nice day.

Reply to
optikl

The exact nature of those "attacks" can probably be found in your log file. Software firewall manufacturers often refer to malware propagation attempts, and even normal background traffic, as "attacks", presumably since it looks more dramatic than "dropped packet" or something similar. It's obviously a marketing gimmick.

Thor

Reply to
Thor Kottelin

The "hacker" will know that the TCP and UDP ports 0-65535 exist. "Stealth ports" are hype, just as the "attacks" we discussed earlier.

Thor

Reply to
Thor Kottelin

Thanks Michael for you help and input. Much appreciated.

xoxo, Maidstone

Reply to
Maidstone

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.