You're welcome. Here's some more information pertaining to some of the issues you addressed.
I've noted the Outpost Firewall seems to be the one program intercepting Intrusion Attack attempts from one specific IP address in China. (I did place that IP on the automatic Blocklist, but I will usually get a brief popup alert from Outpost FW stating it has blocked the IP [and subnet] from sending what's termed suspicious packets (TCP protocol))
controls network traffic and serves two basic purposes:
- Prevent incoming communications that you did not request from entering your computer;
- Monitor what programs on your computer are allowed to communicate out.
The firewall does this by enforcing an access control policy to permit or block (allow or deny) inbound and outbound traffic. Thus, the firewall acts as a central gateway for such traffic by denying illegitimate transfers and facilitating access which is deemed legitimate. The goal of the firewall is to prevent remote computers from accessing yours and provide notification of any unrequested traffic that was blocked along with the IP address. Keep in mind, however, that a firewall is not a panacea to solve all of your security problems. If you will open ports through your firewall to allow access to an infected machine, then the firewall is no longer relevant.
If your firewall provides an alert which indicates it has blocked access to a port or detected an intrusion attempt, that does not necessarily mean your system has been compromised. These alert messages are a response to unrequested traffic from remote computers (an external host) to access a port on your computer. Alerts are often classified by the network port they arrive on, and they allow the firewall to notify you in various ways about possible penetration and intrusion attempts on your computer. Even if the port is open, the alert message indicates that your firewall has blocked the attempt to access it.
- What are TCP and UDP ports
- TCP/UDP Ports Explained
It is not unusual for a firewall and some anti-virus programs to provide numerous alerts regarding probing and intrusion attempts to access your computer. Botnets and Zombie computers scour the net, randomly scanning a block of IP addresses, searching for vulnerable ports - commonly probed ports - and make repeated attempts to access them. Hackers use "port scanning", a popular reconnaissance technique, to search for vulnerable computers with open ports using IP addresses or a group of random IP address ranges so they can break in and install malicious programs. Your firewall is doing its job by blocking this kind of traffic and alerting you about these intrusion attempts. However, not all unrequested traffic is malevolent. Even your ISP will send out regular checks to see if your computer is still there, so you may need to investigate an attempted intrusion. If your computer is sending out large amounts of data, that can indicate that your system may have a Trojan. For more information about Port Scanning, please refer to Port Scanning Basic Techniques.
If the alerts become too annoying, you should be able to go into your firewall/anti-virus settings and lower them or turn them off (Hide notification messages).
I almost never get alerts now from MBAM
(malicious website blocking) is part of the Protection Module and works after it is enabled. When attempting to go to a potential malicious website, Malwarebytes will block the attempt and provide an alert. Some legitimate programs on your computer have access to the Internet and that action can also trigger an IP alert. These events are stored in the "protection-log". Your firewall should be able to give you a list of such programs so you can confirm if they are legitimate. IP Protection is also designed to block incoming connections it determines to be malicious but from what you describe, the firewall is doing that.
The SuperAntispyware program I only use for on-demand scans. (I've noted it tends to pick up a lot of cookies).
SUPERAntiSpyware will scan for cookies if you have it configured to do so. There is no need to do this as cookies are not a threat.
Cookies are text string messages given to a Web browser by a Web server. Whenever you visit a web page or navigate different pages with your browser, the web site generates a unique ID number which your browser stores in a text (cookie) file that is sent back to the server each time the browser requests a page from that server. Cookies allow third-party providers such as ad serving networks, spyware or adware providers to track personal information. The main purpose of cookies is to identify users and prepare customized Web pages for them.
- Persistent cookies have expiration dates set by the Web server when it passes the cookie and are stored on a user's hard drive until they expire or are deleted. These types of cookies are used to store information between visits to a site and collect identifying information about the user such as surfing behavior or preferences for a specific web site.
- Session (transient) cookies are not saved to the hard drive, do not collect any information and have no set expiration date. They are used to temporarily hold information in the form of a session identification stored in memory as you browse web pages. These types of cookies are cached only while a user is visiting the Web server issuing the session cookie and are deleted from the cache when the user closes the session.
Cookies can be categorized as:
- Trusted cookies are from sites you trust, use often, and want to be able to identify and personalize content for you.
- Nuisance cookies are from those sites you do not recognize or often use but somehow it's put a cookie on your machine.
- Bad cookies (i.e. persistent cookies, long term and third party tracking cookies) are those that can be linked to an ad company or something that tracks your movements across the web.
The type of persistent cookie that is a cause for some concern are "tracking cookies" because they can be considered a privacy risk. These types of cookies are used to track your Web browsing habits (your movement from site to site). Ad companies use them to record your activity on all sites where they have placed ads. They can keep count of how many times you visited a web page, store your username and password so you don't have to log in and retain your custom settings. When you visit one of these sites, a cookie is placed on your computer. Each time you visit another site that hosts one of their ads, that same cookie is read, and soon they have assembled a list of which of their sites you have visited and which of their ads that you have clicked on. Cookies are used all over the Internet and advertisement companies often plant them whenever your browser loads one of their banners.
Cookies are NOT a "threat". As text files they cannot be executed to cause any damage. Cookies do not cause any pop ups or install malware and they cannot erase or read information from a computer.
Microsoft's Description of Cookies
Cookies cannot be used to run code (run programs) or to deliver viruses to your computer.
To learn more about Cookies, please refer to:
Flash cookies (or Local Shared Objects) and Evercookies are a newer way of tracking user behavior and surfing habits but they too are not a threat, nor can they harm your computer.
new storage methods. When evercookie finds that other types of cookies have been removed, it recreates them so they can be reused over and over
are cookie-like data stored on a computer and used by all versions of Adobe Flash Player and similar applications. They can store much more information than traditional browser cookies and they are typically stored within each user's Application Data directory with a ".SOL" extension, under the Macromedia\FlashPlayer\#SharedObjects folder. Unlike traditional cookies, Flash cookies cannot be managed through browser controls so they are more difficult to find and remove. However, they can be viewed, managed and deleted using the Website Storage Settings panel at Macromedia's Support Site. From this panel, you can change storage settings for a website, delete a specific website or delete all sites which erases any information that may have been stored on the computer. To prevent any Flash Cookies from being stored on your computer, go to the Global Storage Settings panel the option "Allow third-party Flash content to store data on your computer". For more information, please refer to:
As long as you surf the Internet, you are going to get cookies and some of your security programs will flag them for removal. However, you can minimize the number of them which are stored on your computer by referring to:
Third party utilities to Manage (view & delete) Cookies:
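
Added example, not part of the original post: a short Python sketch of the session/persistent and first/third-party cookie distinction described in the cookie section above, which also flags the same identifier being set on more than one site. The host names, cookie values and the `site`, `classify` and `cross_site_ids` helpers are constructed for illustration, and the "last two labels" site rule is a simplifying assumption (browsers use the Public Suffix List).

```python
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime

def site(host):
    # Simplification: last two labels. Browsers use the Public Suffix List.
    return ".".join(host.lower().strip(".").split(".")[-2:])

def classify(page_host, response_host, set_cookie, now):
    first, *rest = [p.strip() for p in set_cookie.split(";")]
    name, _, value = first.partition("=")
    attrs = {k.strip().lower(): v.strip()
             for k, _, v in (p.partition("=") for p in rest)}
    expires = None
    try:  # Max-Age takes precedence over Expires (RFC 6265)
        expires = now + timedelta(seconds=int(attrs["max-age"]))
    except (KeyError, ValueError):
        try:
            expires = parsedate_to_datetime(attrs["expires"])
            if expires.tzinfo is None:
                expires = expires.replace(tzinfo=timezone.utc)
        except (KeyError, TypeError, ValueError):
            pass  # no usable expiry: the cookie lives only for the session
    if expires is None:
        lifetime = "session"
    elif expires <= now:
        lifetime = "deleted"  # an expiry in the past tells the browser to drop it
    else:
        lifetime = "persistent"
    owner = site(attrs.get("domain") or response_host)
    party = "first" if owner == site(page_host) else "third"
    return {"name": name, "value": value, "owner": owner,
            "lifetime": lifetime, "party": party}

def cross_site_ids(observations, now):
    # Persistent third-party cookies whose same value shows up on 2+ sites.
    seen = {}
    for page_host, response_host, header in observations:
        c = classify(page_host, response_host, header, now)
        if c["party"] == "third" and c["lifetime"] == "persistent":
            key = f'{c["name"]}={c["value"]}@{c["owner"]}'
            seen.setdefault(key, set()).add(site(page_host))
    return {k: sorted(v) for k, v in seen.items() if len(v) > 1}

NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)  # fixed clock for the example
# Constructed observations: (page visited, host that answered, Set-Cookie value)
TRACKER = "uid=778899; Expires=Tue, 01 Jan 2036 00:00:00 GMT; Domain=tracker.example"
SAMPLE = [
    ("www.news.example", "www.news.example", "sid=abc123; Path=/; HttpOnly"),
    ("www.news.example", "www.news.example", "prefs=dark; Max-Age=31536000"),
    ("www.news.example", "ads.tracker.example", TRACKER),
    ("shop.example", "ads.tracker.example", TRACKER),
]
if __name__ == "__main__":
    for obs in SAMPLE:
        print(classify(*obs, NOW))
    print(cross_site_ids(SAMPLE, NOW))
```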