07-11-2008 05:50 AM
Trying to transfer a 9GB Norton Ghost backup file between two PCs using MS protocols. The Norton Ghost file starts transferring, but 1/4 of the way through brings up the message "Cannot Copy %filename% Network name no longer available". On the destination PC, NIS gives the message intrusion attempt blocked. Example messages below:
Details: Attempted Intrusion "Nebiwo Worm Propagation (1)" against your machine was detected and blocked.
Intruder: Wavp-XXXXXb8528.home(1212).
Risk Level: High.
Protocol: TCP.
Attacked IP: WAVP-XXXXX6008D.
Attacked Port: microsoft-ds(445).
Details: Attempted Intrusion "Deloder Worm Infection" against your machine was detected and blocked.
Intruder: Wavp-XXXXXb8528.home(1147).
Risk Level: High.
Protocol: TCP.
Attacked IP: WAVP-XXXXX008D.
Attacked Port: microsoft-ds(445).
Both machines have been scanned and no infection found. Nebiwo removal procedures also confirm infection not found. I am running XP SP3 on both machines. Intel-based D975XBX and DX48BT2 boards with Intel onboard network interface. Help. I have intrusion detection turned off and file transfer completes OK. I would add the problems also occurred with SP2.
07-11-2008 11:10 AM
07-14-2008 03:59 PM
Norton Security Online provided by BT Yahoo! Online Protection Version 10.2.0.30 (my computer recognises it as NIS2007).
Intrusion Prevention Signature File Version: 20080711.001. Intrusion Prevention Engine Version: 4.0.1.80206. Can't find IDS signature date but it is the latest live update file.
07-14-2008 04:07 PM
Also, I don't understand why this message thread has been moved from the NIS section to Other products. Although Norton Ghost is mentioned, the problem lies with NIS. It is just a large Norton Ghost backup file I am trying to move. It is not a problem with Norton Ghost.
07-14-2008 04:27 PM
07-18-2008 02:53 PM
Sorry about not getting back sooner.
Our suspicion is that you have some crash dumps in your Ghost image and that our signatures are triggering the detection. Unfortunately, there's not much that you can do about this other than delete the dumps, disable the particular problem signature(s), or disable Intrusion Prevention/Detection altogether.
