Go Back   Computer Forums > General Computing > Cyber Safety and Computer Security
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 02-21-2005, 12:37 PM   #1
Beta Member
 
Join Date: Feb 2005
Posts: 3
Unhappy Hacker Bypassing Norton Internet Security

I have Norton IS, but I keep getting outside intrusions into my PC from this one source.

I first noticed this 3 days ago in Norton IS, under detailed statistics and am having trouble keeping this person from entering my computer. I keep seeing remote access from a URL.

The problem is that Norton allows this person in. Can I adjust the Firewall to keep this person out??? NAV full system scans come up with nothing.
__________________

M3Blitz is offline   Reply With Quote
Old 02-21-2005, 01:06 PM   #2
Fully Optimized
 
technoman's Avatar
 
Join Date: Dec 2004
Posts: 3,382
Default Re: Hacker Bypassing Norton Internet Security

not too sure try and block that website through Norton if you can.
__________________

__________________
~~~ tEcHnOmAn ~~~
technoman is offline   Reply With Quote
Old 02-21-2005, 02:16 PM   #3
Site Team
 
root's Avatar
 
Join Date: Mar 2004
Posts: 8,006
Default Re: Hacker Bypassing Norton Internet Security

I'm not sure blocking a website wi help, but perhaps complaining will... (see below)

what exatly is happeneing?
is someone on the machine that is a web server hacking you, or is there a program on your machine posting data to a webserver?

Code:
Non-authoritative answer:
Name:    http://almostjdi.9p.org.uk
Address:  212.15.85.20

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Whois query server #2.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html

inetnum:      212.15.85.0 - 212.15.85.255
netname:      CSIUK
descr:        UK Internet Provider
descr:        Please address AUP complaints to sales@portland.co.uk
descr:        or phone +44 (0)870 1995 108.
descr:        Complaints are dealt with in line with
descr:        Portland Communications AUP immediately.
country:      GB
admin-c:      GS213-RIPE
tech-c:       GS213-RIPE
status:       ASSIGNED PA
notify:       peering@csi.net.uk
mnt-by:       CSI-NOC
changed:      reachus@nslnet.net 20041030
source:       RIPE

route:        212.15.64.0/19
descr:        CSI Telehouse Network
descr:        Please address abuse complaints to abuse@csi.net.uk
descr:        Where they will be dealt with in line with our AUP.
descr:        Abuse complaints to any other address will be ignore.
origin:       AS8871
mnt-by:       CSI-NOC
changed:      peering@csi.net.uk 20001119
source:       RIPE

person:       Gary Shine
address:      Netlink Solutions Limited.
address:      1661 Spring House Trail
address:      Virginia Beach
address:      Virginia 23455 U.S.A
phone:        +1 757 460 3555
fax-no:       +1 757 460 7759
nic-hdl:      GS213-RIPE
e-mail:       reachus@nslnet.net
notify:       reachus@nslnet.net
mnt-by:       CSI-Noc
changed:      reachus@nslnet.net 20011021
source:       RIPE
root is offline   Reply With Quote
Old 02-21-2005, 03:27 PM   #4
In Runtime
 
Windex's Avatar
 
Join Date: Jan 2005
Posts: 153
Default Re: Hacker Bypassing Norton Internet Security

unplug the comp from the modem. make a backup. reformat. and then replace things. and change your IP and port.
__________________
Num, num, num. MMMMMM FRUIT!
Windex is offline   Reply With Quote
Old 02-21-2005, 03:28 PM   #5
Site Team
 
root's Avatar
 
Join Date: Mar 2004
Posts: 8,006
Default Re: Hacker Bypassing Norton Internet Security

Thats a little extreme don't you think!!!
root is offline   Reply With Quote
Old 02-21-2005, 09:03 PM   #6
Beta Member
 
Join Date: Feb 2005
Posts: 3
Default Re: Hacker Bypassing Norton Internet Security

I think the server was making it's way into my system. The log shows a lot of back and forth data being transferred. Thanks for your help. I found the culprit, my lazy @$$ never got around to downloading SP2 and there was a javascript module attached my own Xanga site. (yikes). It mustve worked like some kind of tracer and made it's way through the IE port while i was surfing. I deleted the module and I'll keep my eye out if I see that site again.
M3Blitz is offline   Reply With Quote
Old 02-21-2005, 09:05 PM   #7
Beta Member
 
Join Date: Feb 2005
Posts: 3
Default Re: Hacker Bypassing Norton Internet Security

PS--root--I was shocked at the info you got!! I wasnt expecting that!
M3Blitz is offline   Reply With Quote
Old 02-22-2005, 01:03 PM   #8
Beta Member
 
Join Date: Feb 2005
Posts: 4
Default Re: Hacker Bypassing Norton Internet Security

You can always do a WHOIS lookup with www.ripe.net.. they have a big database. But if it helps you (like it does for me =)) use Visual Route to see just exatly they are located ;-)
qwdaffy is offline   Reply With Quote
Old 02-22-2005, 01:26 PM   #9
Site Team
 
root's Avatar
 
Join Date: Mar 2004
Posts: 8,006
Default Re: Hacker Bypassing Norton Internet Security

I use visual route, and I have jwhois installed on my machines that queries loads of ripe type databases (there are different authorities for each country)
root is offline   Reply With Quote
Old 02-26-2005, 09:22 PM   #10
Baseband Member
 
John000's Avatar
 
Join Date: Jan 2005
Posts: 21
Send a message via AIM to John000
Default

Nortons firewall sucks. How about you download Zone Alarm, its better and its FREE.
__________________

John000 is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 10:08 PM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0