• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos0

High Activity on T.C.P. Port 24744

With all the current un-Patch Vulnerabilities kicking about just now, I just thought I would bring this to everyone's attention - the main attention is for symantec.  Norton is Blocking it, via the Un-used Port Blocking, but it is Blocking it every two to ten seconds on average.

Please feel free to comment on this and maybe Users could check their History and see if they are getting this High Activity.

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]

Replies

Kudos0

Re: High Activity on T.C.P. Port 24744

With all the current un-Patch Vulnerabilities kicking about just now, I just thought I would bring this to everyone's attention - the main attention is for symantec.  Norton is Blocking it, via the Un-used Port Blocking, but it is Blocking it every two to ten seconds on average.

Please feel free to comment on this and maybe Users could check their History and see if they are getting this High Activity.

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: High Activity on T.C.P. Port 24744

Do you use anything on that port, like torrent programs?
Windows 10 Hungarian, Norton Internet Security v22.9.0.71
Kudos0

Re: High Activity on T.C.P. Port 24744


PapauZ wrote:
Do you use anything on that port, like torrent programs?

Nope, but I do have Torrent installed; haven't used it in a long time.

Earlier today (Thursday, December 18, 2008), I got High Activity on T.C.P. Port 40001 and 50894.

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: High Activity on T.C.P. Port 24744

Get a hardware firewall and be done with it.
Real Time Protection = NIS 2009 + NATBehavior Analysis = ThreatfireOn Demand = MBAM
Kudos0

Re: High Activity on T.C.P. Port 24744

It must be some program on your PC.... Check the tasks what is runnin, and maybe you could find something "new".
Windows 10 Hungarian, Norton Internet Security v22.9.0.71
Kudos0

Re: High Activity on T.C.P. Port 24744


PapauZ wrote:
It must be some program on your PC.... Check the tasks what is runnin, and maybe you could find something "new".
Just want to point out it was In-coming Connection Attempts.
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: High Activity on T.C.P. Port 24744

I think there should be a feature in NIS which shows the current network activity details showing the active network connections, applications or services which have established the connections, IP addresses to which they are connected and the ports being used. This will give clear picture and a user can easily find out the application or the service causing the suspecious network activity.

I have seen similar feature in some firewalls such as Sygate and Tiny Personal Firewall(I used it around 3-4 yrs ago. Many of you might not have heard of them). I Hope Symantec will include this feature in future versions of NIS.

--Vinod

Message Edited by pore_vinod on 12-18-2008 03:22 PM
Kudos0

Re: High Activity on T.C.P. Port 24744


pore_vinod wrote:

I think there should be a feature which shows the current network activity details showing the active network connections, applications or services which have established the connections, IP addresses to which they are connected and the ports being used. I have seen this feature in other firewalls such as Sygate and Tiny Personal Firewall(I used it around 3-4 yrs ago. Many of you might not have heard of them). I Hope Symantec will include this feature in future versions of NIS.

--Vinod


symantec took this Feature out of N.I.S. 2009, which was called the Log Viewer, but is in Norton 2007 and 2008 and maybe Earlier Versions of N.I.S.; it was something very, very similar to what you describe.
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: High Activity on T.C.P. Port 24744

You are right in saying that the logs had details about the network activities. The feature I was referring to was about live network activities. Just like Task manager showing active processes and applications.

--Vinod

Kudos1 Stats

Re: High Activity on T.C.P. Port 24744

run>cmd>netstat

shows you all active connections. 

=\

This thread is closed from further comment. Please visit the forum to start a new thread.