Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Buffer Overflow Message


  • Please log in to reply
8 replies to this topic

#1 DuaneBarry

DuaneBarry

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:05:50 AM

Posted 13 January 2008 - 02:03 AM

Hello folks,

Norton just popped up this message for the second time today:

Posted Image

From what I get, someone tried to connect to my computer and Norton blocked it. Great. Now, what intrigues me is that the IP shown for the intruder is owned by my ISP. I had a similar problem in 2006 and I even posted a message here and the IPs shown on that message are also owned by my ISP (which I only realized now). Should I be worried about this or is this something normal?

BC AdBot (Login to Remove)

 


#2 DuaneBarry

DuaneBarry
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:05:50 AM

Posted 13 January 2008 - 02:41 PM

Well, since I'm here...

I guess today just isn't a good day. I've been getting this horrid message now all day:

Posted Image

Is this one something to be worried about?

#3 CTH_Tom

CTH_Tom

  • Members
  • 295 posts
  • OFFLINE
  •  
  • Local time:05:50 AM

Posted 14 January 2008 - 12:35 AM

What's to worry? Norton blocked the intrusion attempts.
When your connected to the internet there's always going to be somebody or something knocking on your door.
As for the I.P's being owned by your ISP I traced both that were given in the alerts using Sam Spade and one shows for Amsterdam and the other to Latin America.
X

#4 DuaneBarry

DuaneBarry
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:05:50 AM

Posted 14 January 2008 - 01:01 AM

The Latin American IP, that's the one owned by my ISP. I'm sorry, I failed to mention I'm from Brazil.

As long as Norton keeps blocking the intrusion attempts, fine. Maybe it really was just a bad day with lots of alerts popping up. But isn't it a bit queer that an IP owned by my ISP was trying to connect to my computer?

#5 Dialer

Dialer

  • Members
  • 642 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Great State of Disarray
  • Local time:03:50 AM

Posted 14 January 2008 - 01:06 AM

If it's a major ISP, it doesn't seem odd at all. Or, it could be that the IP was spoofed by the intruder.

I don't use Norton, but I'd imagine that you can set it not to show you these alerts, if they're annoying.

#6 DuaneBarry

DuaneBarry
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:05:50 AM

Posted 14 January 2008 - 01:12 AM

It is a major ISP over here. Is it ok then? Major ISPs do that?

I've set Norton not to show the second alert anymore. If it isn't an oddity I'll do the same for the first one if it shows up again. I guess "Out of sight is out of mind" - as I read once on this very forum.

#7 Dialer

Dialer

  • Members
  • 642 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Great State of Disarray
  • Local time:03:50 AM

Posted 14 January 2008 - 01:18 AM

Well, it's OK because Norton blocked it. I should have been clearer about why it doesn't surprise me if it's a major ISP. The odds are pretty good, in that case, that someone else using that same ISP could be sending out malware. Even so, I think it's more likely that the IP number was spoofed.

Ummmmm. It depends on what's out of sight. Rootkit trojans (not sure I have the right terminology) can be out of sight, and apparently they're about the most dangerous.

#8 DuaneBarry

DuaneBarry
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:05:50 AM

Posted 14 January 2008 - 01:26 AM

I get it. Well, whatever it was I hope Norton keeps doing its job. I'll try not to get paranoid over this thinking about the odds of whoever it was getting smarter and finding a way to bypass Norton hahaha

Thanks a lot for all the help here.

#9 Dialer

Dialer

  • Members
  • 642 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Great State of Disarray
  • Local time:03:50 AM

Posted 14 January 2008 - 01:32 AM

No need to be paranoid, but don't be too relaxed, either. Be sure to keep Norton updated, run scans regularly, and make sure you have a good firewall, as well as a couple of anti-spyware apps. There's lots of info on all of that throughout this forum.

Glad I could be of some help to you. :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users