12-21-2008 05:30 PM
I am new to the board, so I am not sure if this is the right section to be posting this topic in. I apologize if it isn't in advance.
I have a few questions about intrusion prevention. I am wondering why my computer keeps being attacked randomly by the same IP addy almost every time? It is always blocked when they try. I traced the IP addy and got an address from the same city in which I live. It is coming from a business building, but the suite number that it is attacking from as far as I know is not an actual business like many others in the building. Is it possible that this may be a hacker? I find it weird that it is almost always from the same IP. Should I change my IP? Will this deter this "person" from trying to attack my computer if I do? Also, why is this happening so often? I am very computer savvy so any help anyone can give me would be great. Thanks in advance!
12-21-2008 05:40 PM
12-21-2008 06:44 PM
12-22-2008 06:08 AM - edited 12-22-2008 06:09 AM
If you have N.I.S., a Hard Firewall is not really required since you have symantec's excellent Two-Way Firewall. Then you've got I.P. [Intrusion Prevention] and finally Auto-Protect and on-demand Scanners. You also have Phishing Protection which Scans Web Pages.
Could you Post a Screen Shot of the Details of the I.P. [Intrusion Prevention] you are getting. Remember to block out the I.P. Addresses. Also, what Version of N.I.S. are you using? Thanks!
12-22-2008 04:50 PM
Is it like your DSL box (196.8.0) showing up on your connection log every 3-4 minutes?
are you getting messages in your activity log that says unsused port blocking has blocked.............?
12-22-2008 08:13 PM