• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos0

How is Norton Core handling inside threats?

Hi All,

I am curious about how Norton Core actually handles inside threats. I am aware that Norton Core is connected to the Norton cloud and that way it's able to analyze malicious websites for viruses and stuff like that, and it will be able to block anything suspicious that Norton has in their database. But, how about inside threats, say my good friend is able to connect to my Core and then that friend actually starts acting malicious and controlling some of my devices without me knowing it, e.g. a brute force attack to figure out pins and passwords of some IoT devices that are connected to the router.

Will Norton Core be able to detect such a malicious activity from a device that's actually connected to it? Also, how does the quarantine mechanism work? Is it able to quarantine, say a device that's connected to my Core (somehow the hacker knows my password), a PC/laptop, and then it launches brute force attacks. Does Norton Core know that this kind of traffic is unusual and, thus, it needs to be blocked?

Thank you!

P.S. I am aware that there is a mechanism to create a Guest Network but I am talking from another perspective where an attacker actually knows my Core password (yes, although the phone app suggests me to have a really "strong" password - there is no password that is too strong for very smart hackers out there.. :) ).

Labels: Quarantine

Replies

Kudos2 Stats

Re: How is Norton Core handling inside threats?

Don't worry about others accessing devices on your network because that would require a functioning Core.

Kudos0

Re: How is Norton Core handling inside threats?

That's why you get a free subscription of Norton Security for all your devices that are smart enough to be able to install the software. Most if not all of the ransomware is being blocked by Norton Security, not your Core router. The next step beyond that would be to use their VPN service on your mobile devices so you're covered even when your traffic isn't going through your Core router.

Kudos0

Re: How is Norton Core handling inside threats?

Can we install Norton Security on smart devices like sensors? I thought we couldn't right? So if somebody hacked my sensor, how could Norton Core/Norton Security protect against that?

Kudos0

Re: How is Norton Core handling inside threats?

Could you elaborate more? What do you mean by a functioning core? Well, my Core is up an running right now. :)

Kudos0

Re: How is Norton Core handling inside threats?

Can we install Norton Security on smart devices like sensors?

No. There are only versions for Windows, Mac, and mobile versions for Android and IOS devices. 

Things happen. Export/Backup your Norton Password Manager data.
Kudos0

Re: How is Norton Core handling inside threats?

Hopefully, they have the Core looking for behavior typical of some of the more prevalent pieces of malware that attempt to "phone home", or perform other tasks outside the norm. I'm not betting any money on it though.

Kudos0

Re: How is Norton Core handling inside threats?

Today’s WiFi routers are vulnerable to cyber attacks due to a lack of security features. Norton Core monitors your connected devices like WiFi thermostats, smart locks, appliances, and home security cameras for suspicious activity. If a device becomes compromised, it quarantines the threat before it spreads ensuring your digital world is safe, keeping the bad guys out.
 
Core helps secure your connected home, fending off cyber threats before they infiltrate and compromise your digital life. With its network packet inspection combined with intelligence from a global threat database, Core can help stop the threats before they infiltrate your home network. Your home network will also be ahead of the latest threats with automated security updates and comprehensive data encryption.

 https://us.norton.com/core-secure-router-faq

Kudos0

Re: How is Norton Core handling inside threats?

SendOfJive:

Today’s WiFi routers are vulnerable to cyber attacks due to a lack of security features. Norton Core monitors your connected devices like WiFi thermostats, smart locks, appliances, and home security cameras for suspicious activity. If a device becomes compromised, it quarantines the threat before it spreads ensuring your digital world is safe, keeping the bad guys out.
 
Core helps secure your connected home, fending off cyber threats before they infiltrate and compromise your digital life. With its network packet inspection combined with intelligence from a global threat database, Core can help stop the threats before they infiltrate your home network. Your home network will also be ahead of the latest threats with automated security updates and comprehensive data encryption.

 https://us.norton.com/core-secure-router-faq

I see.. My current conclusion is that Core would only handle outside threats, perhaps like virus/malware attacks to my devices. Based on my current experience, I don't see that Core handles inside attacks and that's why I asked this question. I've just tried hacking one of my sensors (brute-force attack to figure out the sensor's pin) using a computer (I am using a RaspberryPi) from inside my Core network and I got no warning from the phone app. Phone, sensor, and computer are all connected to one Core. I did this to test that very claim that Core quarantines problematic devices, so I wonder if I was missing something in my subscription. I just followed the installation procedures mentioned in the phone app and my security score was still 500 after I attacked the sensor. I thought Core could detect something like unusual multiple-access attempts on a device (e.g. brute-force attack)? Any thoughts guys?

Accepted Solution
Kudos1 Stats

Re: How is Norton Core handling inside threats?

Unfortunately, Symantec documentation on product features is often vague, and Norton Core is no exception  We tend to get a general description of what the product does, but nothing specific about the whats and hows.  I'm sure there are some things that are proprietary or which need to be undocumented in order to avoid being circumvented, but it often does leave one wondering exactly what certain features actually do.

Kudos0

Re: How is Norton Core handling inside threats?

SendOfJive:

Unfortunately, Symantec documentation on product features is often vague, and Norton Core is no exception  We tend to get a general description of what the product does, but nothing specific about the whats and hows.  I'm sure there are some things that are proprietary or which need to be undocumented in order to avoid being circumvented, but it often does leave one wondering exactly what certain features actually do.

I think you're right. I've just clarified with the Norton Core customer support by phone and the person said that Core doesn't handle inside threats. The quarantine and such would occur if the threats come from the outside of the local Norton Core network. Devices that know the Core's passphrase would be considered as NOT a threat.

This thread is closed from further comment. Please visit the forum to start a new thread.