Please report all spam threads, posts and suspicious members. We receive spam notifications and will take immediate action!
Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Can't Find the Virus




  1. #1
    Join Date
    Nov 2001
    Location
    Bendigo Australia
    Posts
    1,788

    Default

    here's the problem

    Nortan Firewall keeps reporting that 192.168.0.1 is trying to attack my PC's with a backdoor trojan

    I've used NAV And Vet on my ics machine and it can't find any any problems.

    The Question I have is:

    Could Nortan Firewall be misrepresenting the attack and its actually a WinXP service doing some netwrok query?

    so far Its "attacked" 2 of my pcs (but not my mian one which is a bit strange)


    Or is it interpretting 192.168.0.1 as the source when really its comming from the internet?

    I've manually searched for the virus/trojan/backdoor (according to symantec) and can't find it

  2. #2
    Join Date
    Nov 2001
    Posts
    2,464

    Default

    i'm pretty sure you already know to do this, but incase you didn't

    you have to add all comps on the network to the trusted users/computers list

  3. #3
    Join Date
    Nov 2001
    Location
    Bendigo Australia
    Posts
    1,788

    Default

    I don't think thats the problem andy.

    IT keeps on telling me that i was attacked by

    sokets de trois v1. trojan horse


    originating from 192.168.0.1

  4. #4
    Join Date
    Nov 2001
    Posts
    362

    Default

    Why don't you get the free version of ZoneAlarm...when the exploit occurs you can backtrack to find details of the site/isp etc and send a rocket up the ISP.....they are obliged to stop their users from trying these exploits.....You might just be able to send the idiots a direct message....but they'd have to be a bit lame if they were that easily traced....could be the troj is working from an infected machine....Notran has probably prevented the troj from infecting your machine to date thats why you can't locate it........

  5. #5
    Join Date
    Nov 2001
    Location
    Bendigo Australia
    Posts
    1,788

  6. #6
    Join Date
    Feb 2002
    Posts
    59

    Default

    hey kheldar, can you tell me how it goes after you try that?

    i seem to be having the same problem, but after i added my network adaptor ips to my trusted zone, all the warnings disappeared (note: the warnings are only on the home network and not once has there been any warnings on connecting to the web).

    i've been keeping an eye on things on my server & client after that but i there doesn't seem to be anything wrong (i've got pratically the most updated antivirus software available).

    later when i have time, i'm gonna uninstall nortan and try another firewall recommended by my friend.
    =D

  7. #7
    Join Date
    Nov 2001
    Location
    Bendigo Australia
    Posts
    1,788

    Default

    Will do

    I've been a bit concerned for while that something weird was going on in my network, which is why I installed the firewall stuff

  8. #8
    Join Date
    Nov 2001
    Posts
    362

    Default

    Some tests indicate that an unprotected Windows system can be compromised in an average of about 3-4hrs....an unprotected Linux system in about 27hrs.......if you don't have some sort of firewall then you are just asking for trouble....even so you may still be vulnerable to a really sustained attacker...not likely though if you have at least some elementary protection.....

    The responsibility for the security of your machine is yours....if you don't mind others poking around then fine...but otherwise just be a bit careful...at least set the WindowsXP firewall up at a reasonable level ...the same as the Linux ones......just a little deterence will go a long way..........

  9. #9
    Join Date
    Mar 2002
    Posts
    111

    Default

    Just like the old saying," just enought to keep an honest man honest."
    Athlon 2000+
    epox 8kha+
    768MB crucial/micron DDR pc2100
    Pine geforce 2 AGP mx400
    SB Audigy mp3+
    20 GB Western Digital
    Creativelabs 52x CDROM
    Buslink 40x12x48 burner
    Asynchronus digital subscriber loop

  10. #10
    Join Date
    Nov 2001
    Posts
    735

    Default

    Norton firewall isnt the best/most reliable firewall to deploy for, well, any situation. There are dozens of cracks out there that easily bypass its um, 'protection'. (or lack thereof)

    Ive found ZA and Sygate to be the most secure firewalls. Sygate especially.

    Norton is so shonky that I was getting errors from my master browser machine (win2k adv server) trying to 'attack' me. (all it was doing is querying my machine)

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •