05-04-2010 11:53 AM - edited 05-04-2010 12:08 PM
Ok, Ive gotten the usual "A recent attempt to attack your computer was blocked" warnings like everyone else probably has especially when I first bought my computer and signed on everyday. But just in the last week or so Ive been getting this warning a minimum of 20 / 25 times a day from the same I.P addresss. The person is from China and is trying to do a portscan. Thank God for Nortons they're not succeeding obviously but they're so relentless Im afraid they'll figure out a way. My questions are 1. Can I report the continuos attempts to somebody , is there anyplace online where you can report someone trying to hack into your computer? 2. Am I completely safe with Nortons or will this person ever have a chance to break through? and 3. I went into my Nortons security today to try and see if it logged the I.P address anywhere so I could report them but instead found something that allows you to enter I.P addresses of computers you want to restrict any access to your computer, which I'll definitely use after I find out what his I.P is again. After I add this persons I.P address to that list what exactly if anything EXTRA will this do to keep this person from breaking through?
Also, since this started I have been having alot of problems with my computer like it not connecting to the internet. I'll be connected and can play downloaded programs but if I try and search the internet it will say Im not connected. Also the poker programs I use have been acting funny. I've been having a hard time logging into most of them when I never had problems before. I'll usually get some kind of warning saying im not connected and not until after numerous attempts Ill finally get in. And the weirdest thing thats happened since this started was I walked away from my computer to come back and see an Internet Explorer warning box that had popped up on its own saying something like " You have been logged off of chat because you logged on from another computer". I have no idea where this warning came from or what it was talking about because I dont chat online at all on any sites or servers. So something is definitely going on.
I wish I had the guys I.P address now so I could put it up in this post but I didnt write it down and save it, I just wrote it down yesterday to check it on a I.P locator but forgot to save it. The guy does it atleast 10 or 20 times a day so Im just waiting today for it to happen again so I can get his I.P address and write it down save it and add it to the restricted compter list in Nortons. When I get it Ill come back and post it here so maybe you guys can tell me something about the user.
If anybody has the answers to my 3 main questions .. Please HELP
05-04-2010 02:19 PM - edited 05-04-2010 02:20 PM
I've recently (last few days) experienced persistent Portscans from the same IP in China...may be the same IP as with your experience. Do you wish to compare IP's ... your History logs should have the IP info and record of Intrusion Attempt. I have not noticed any issues with my box.
05-04-2010 06:21 PM
Sure I wish I could get the exact I.P and post it but I actually didnt get a warning today like I have been every single day. I wonder if he somehow knows Im posting about it, its a lil weird that the only day I didnt get an attack was the day I started posting about it online. I remember there was a 166 in it. Where are these history logs? I couldnt find anything like that in the Norton Security.
05-05-2010 07:41 AM - edited 05-05-2010 08:07 AM
iitsLexiis wrote > Where are these history logs? I couldn't find anything like that in the Norton Security.
Which Norton product & version are you running...NIS, NAV, NSS ? If you're running NIS ~ click on History from the user interface...
iitsLexiis wrote > "A recent attempt to attack your computer was blocked"
IMO the intrusion attempts were blocked so you are protected with regard to those attempts...
Please post the Intrusion Attempt log information you are concerned about... to verify what is occuring.
Regarding your browser & connectivity issues... hopefully those will be addressed by the Community
05-05-2010 09:54 PM - edited 05-05-2010 10:08 PM
Ive got NIS 2005 version I didnt see anything that said history but I found the logs under a link that said statistics. The I.P of the guy who was doing it is
188.8.131.52 (122000) and he attacked ports 9000 9090 6588 if that means something (Im not tech savvy at all) protocol TCB
He started on the 27th and since the day I posted this on here on the 4th I had 3 more attacks with the last one ending at 1:13 p.m 2 hours before I posted this, since then I havent gotten any more attacks and my computers been acting normal again. I just added his I.P to the restricted zone in my personal firewall, I guess that will stop all portscans from him permanently. Thnx bjm let me know if thats the same I.P
05-05-2010 10:39 PM
If you put that IP into Google, you will find many listings for that ip. I didn't look at any of the listings since the sites were unfamiliar to me, but they didn't sound too good. Here is just one of the names of the topics that came up.
I saw sites that list it as a poker site and doing port scans. I suppose complaining to the ISP of this person probably won't do much good.
Success always occurs in private and failure in full view.
05-06-2010 01:08 AM
05-06-2010 01:15 AM - edited 05-06-2010 01:18 AM
NIS 2005? I think that might be a little outdated? I think you need to upgrade to the current version NIS 2010, I'm not sure that version will still be protected.
Good advice to update to NIS 2010 as it is much improved over 2005. This would normally require a purchase of NIS2010 as there is not a free upgrade path from 2005. However, may get some assistance by contacting Customer Support here and asking if they can upgrade.
It would be a good idea to check the current PC specification against the system requirements for NIS2010. These can be found here
We look forward to the time when the Power of Love will replace the Love of Power. Then will our world know the blessings of peace. ~William Ewart Gladstone
05-06-2010 01:31 AM