Can't Find the Virus

  • Can't Find the Virus

    Here's the problem:

    Norton Firewall keeps reporting that 192.168.0.1 is trying to attack my PCs with a backdoor trojan.

    I've used NAV and Vet on my ICS machine and they can't find any problems.

    The question I have is:

    Could Norton Firewall be misrepresenting the attack, and it's actually a WinXP service doing some network query?

    So far it's "attacked" 2 of my PCs (but not my main one, which is a bit strange).


    Or is it interpreting 192.168.0.1 as the source when really it's coming from the internet?

    I've manually searched for the virus/trojan/backdoor (according to Symantec) and can't find it.
    http://community.smoothwall.org/foru...ic.php?t=20262

  • #2
    i'm pretty sure you already know to do this, but in case you didn't:

    you have to add all comps on the network to the trusted users/computers list
    TweakTown SETI@home Team



    • #3
      I don't think that's the problem, andy.

      It keeps on telling me that I was attacked by

      sokets de trois v1. trojan horse


      originating from 192.168.0.1
      http://community.smoothwall.org/foru...ic.php?t=20262



      • #4
        Why don't you get the free version of ZoneAlarm...when the exploit occurs you can backtrack to find details of the site/isp etc and send a rocket up the ISP.....they are obliged to stop their users from trying these exploits.....You might just be able to send the idiots a direct message....but they'd have to be a bit lame if they were that easily traced....could be the troj is working from an infected machine....Norton has probably prevented the troj from infecting your machine to date, that's why you can't locate it........



        • #5
          I'll give that a go Oldbugger
          http://community.smoothwall.org/foru...ic.php?t=20262



          • #6
            hey kheldar, can you tell me how it goes after you try that?

            i seem to be having the same problem, but after i added my network adaptor ips to my trusted zone, all the warnings disappeared (note: the warnings are only on the home network and not once have there been any warnings on connecting to the web).

            i've been keeping an eye on things on my server & client after that but there doesn't seem to be anything wrong (i've got practically the most updated antivirus software available).

            later when i have time, i'm gonna uninstall norton and try another firewall recommended by my friend.



            • #7
              Will do

              I've been a bit concerned for a while that something weird was going on in my network, which is why I installed the firewall stuff
              http://community.smoothwall.org/foru...ic.php?t=20262



              • #8
                Some tests indicate that an unprotected Windows system can be compromised in an average of about 3-4hrs....an unprotected Linux system in about 27hrs.......if you don't have some sort of firewall then you are just asking for trouble....even so you may still be vulnerable to a really sustained attacker...not likely though if you have at least some elementary protection.....

                The responsibility for the security of your machine is yours....if you don't mind others poking around then fine...but otherwise just be a bit careful...at least set the WindowsXP firewall up at a reasonable level ...the same as the Linux ones......just a little deterrence will go a long way..........



                • #9
                  Just like the old saying, "just enough to keep an honest man honest."



                  • #10
                    Norton firewall isn't the best/most reliable firewall to deploy for, well, any situation. There are dozens of cracks out there that easily bypass its um, 'protection'. (or lack thereof)

                    I've found ZA and Sygate to be the most secure firewalls. Sygate especially.

                    Norton is so shonky that I was getting errors from my master browser machine (win2k adv server) trying to 'attack' me. (all it was doing is querying my machine)



                    • #11
                      The address you cite is your network hub, or another computer on your network. You've probably been experiencing network problems if you block this communication.



                      • #12
                        Originally posted by acebass
                        The address you cite is your network hub, or another computer on your network. You've probably been experiencing network problems if you block this communication.
                        yeah, just a few, like I wouldn't be able to see anything, which is why I haven't blocked it,
                        http://community.smoothwall.org/foru...ic.php?t=20262



                        • #13
                          think i found what it is

                          i've been messing around with ftps a few days ago and for some reason norton blocks the ftp traffic on my server comp.

                          it seems to think that ftp traffic is the sokets de trois v1. trojan horse probe.

                          atm i've unmonitored a port to let ftp traffic thru and have done some minor firewall tests to make sure there are any obvious holes.
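
One way to triage alerts like the ones in this thread before trusting or blocking the source, as an added example that is not part of any post: it groups alerts by source and signature and checks whether the source is an RFC 1918 LAN address such as 192.168.0.1, which is the question raised in the first post. The log format, timestamps, ports and the 203.0.113.7 address are constructed for illustration and are not Norton's own output.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed alerts in a made-up "time src -> dst:port signature" format.
SAMPLE_ALERTS = """\
2003-05-01T19:02:11 192.168.0.1 -> 192.168.0.12:5000 sokets de trois v1. trojan horse
2003-05-01T19:02:40 192.168.0.1 -> 192.168.0.13:5000 sokets de trois v1. trojan horse
2003-05-01T19:07:03 192.168.0.1 -> 192.168.0.12:5000 sokets de trois v1. trojan horse
2003-05-01T21:15:59 203.0.113.7 -> 192.168.0.12:445 port scan
not an alert line
"""

ALERT = re.compile(r"(\S+) (\S+) -> (\S+):(\d+) (.+)")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def source_scope(ip):
    """Say where an alert's source address can live."""
    addr = ipaddress.ip_address(ip)
    if addr.is_loopback:
        return "this machine"
    if any(addr in net for net in RFC1918):
        return "local network"  # not routable on the internet: a LAN host sent it
    return "internet"

def triage(log_text):
    """Group alerts by (source, signature) and suggest where to look next."""
    groups = defaultdict(lambda: {"count": 0, "targets": set(), "ports": set()})
    for line in log_text.splitlines():
        m = ALERT.fullmatch(line.strip())
        if not m:
            continue  # skip anything that is not an alert line
        _, src, dst, port, signature = m.groups()
        g = groups[(src, signature)]
        g["count"] += 1
        g["targets"].add(dst)
        g["ports"].add(int(port))
    report = []
    for (src, signature), g in sorted(groups.items()):
        scope = source_scope(src)
        next_step = ("find the service on the source host that uses these ports"
                     if scope != "internet" else "keep blocked; source is external")
        report.append({"source": src, "signature": signature, "scope": scope,
                       "count": g["count"], "targets": sorted(g["targets"]),
                       "ports": sorted(g["ports"]), "next_step": next_step})
    return report

if __name__ == "__main__":
    for row in triage(SAMPLE_ALERTS):
        print(row)
```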
