• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

This forum thread needs a solution.
Kudos0

Weird IPS Statistical Submission

I checked my history and for the past 3 or 4 days I have had this thing keep showing up as a IPS detection there is quite a bit of these and they all say jtun_ncodat from what I can tell, is this something I should be worried about or is it just sending out a test saying that could be a vulnerability? I'm not really sure how it works. 

Category: Norton Community Watch
Date & Time,Risk,Activity,Status,Recommended Action,Date Updated,Submitted By,Description,Submission Details
4/2/2017 1:34:17 AM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,4/2/2017 1:34:18 AM,Norton Security,IPS Detection Statistical Submission,"Signature ID: 27181  <br>Local or Remote Attacker: 2  <br>Remote Port: 80  <br>Local Port: 51460  <br>Protocol: 6  <br>Signature Set Version: 20170331.001  <br>Application Name: \DEVICE\HARDDISKVOLUME2\PROGRAM FILES (X86)\NORTON SECURITY\ENGINE\22.9.1.12\NS.EXE  <br>Offending URL: liveupdate.symantecliveupdate.com/1491111425jtun_ncodat170402002-170402003.x03  <br>Date Detected: Sun, 02d Apr 2017d 06d:34d:17d GMT  <br>Application File Checksum: 42C09F5659D8620BFDF1F61A5E7059F0  <br>Application File Information: 14.1.0.65  <br>Network Data: 434D50520014000078DAED92CD6ED34010C7C72482504A41A215E2162A217120FE4AA2E213B2B29BDA4D6A3BBB8EA87B5959AE29AE1A27244ED50A71E0C443F4157AE03178AC4EAC3454414270DF9FB4DAD99DFFEC8CC7E3918E5D03E40140054051D07C836BB16FE26A9C01E45B78524CA8E2B90A3BC0E8604879281CC284E3A311F82C0C168F28DA52F41C42667BBC4B99E83843AF470994FE363CC4ED1D6C41C771FB4474DD3EF5EC436AB42C036999EDB3629E8B3C199FC485B1A7B77453D7CDC69DD5542FF526286F97599E82CB45C0FCA3480CF95D8ACD32C56B2C61BDCEF3EC229D4FF0E1549D5D8DE2BC48937B57C978044A7319FCE27730B509FDE7F89D32BE0FAFD6E3B13E26EC7DEA851ED74C53B5544335CCFAA14BB4AFA61D4DDE1F8C4FAF06519215DDCF718F6447FAE84BBB48BED5392A8EDB17A71FED923AA7036DD50E502A65C2063C59251C3257FBBF766EACDAC9280F7C8F53D1F109FD55B6B3B674BEBCEFF442FC1081BF6E3F74AE8F17B2C7651D1BE574ACC9C228A0457A596893F338CB63E543297DF6C70CB827695E649FB2743A532DCB0A7A95EA360A6B70F3F3FB01D9557E44388611CEE923BC4DE65375964C412291482412894422914824128944F2776E01DCF09F40  <br>Sub-signature ID: 69230  <br>Signature Properties: 29712  <br>Referer URL:   <br>Application File SHA256: 15EB5CB87D8F62AE2AC9CC57F3CF0EE9E1CF7CA85441CF06413965EE43844D5A  <br>Application File CreateTime: 131345563003960675  <br>IPSSubmissionID: 272cab52-ab7b-11e7-8586-806e6f6e6963  <br>Application File Reputation: 0  <br>Application File Prevalence: 0  <br>Remote Address: 23.215.98.113  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 21 Model 2 Stepping 0  <br>System:Windows 10 Home build 14393   <br>Platform-GUID:9D6A5753-F0B2-4D1C-8C05-D06349C5EA1D  <br>DateSubmitted:Sun, 02 Apr 2017 06:34:17 GMT  <br>Product:Norton Security 22.9.1.12"

Category: Norton Community Watch
Date & Time,Risk,Activity,Status,Recommended Action,Date Updated,Submitted By,Description,Submission Details
4/1/2017 11:21:39 PM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,4/1/2017 11:21:40 PM,Norton Security,IPS Detection Statistical Submission,"Signature ID: 27181  <br>Local or Remote Attacker: 2  <br>Remote Port: 80  <br>Local Port: 51158  <br>Protocol: 6  <br>Signature Set Version: 20170331.001  <br>Application Name: \DEVICE\HARDDISKVOLUME2\PROGRAM FILES (X86)\NORTON SECURITY\ENGINE\22.9.1.12\NS.EXE  <br>Offending URL: liveupdate.symantecliveupdate.com/1491104811jtun_ncodat170402001-170402002.x03  <br>Date Detected: Sun, 02d Apr 2017d 04d:21d:38d GMT  <br>Application File Checksum: 42C09F5659D8620BFDF1F61A5E7059F0  <br>Application File Information: 14.1.0.65  <br>Network Data: 434D50520014000078DAED92CD6ED34010C7C72482504A41A215EA2D1C907A20FE6AAAD61790156F6A37A9EDECDA2239542BCB35C555E384C441FD500F3C0A0FC03370E565780726AB3454414270DF9FB4DAD99DFFEC8CC7E33B2DBB06C803800A80A2A0F91AD77C5FC7D538072836F0A49850C57315B680925E4C58C45D87723740230C6814CE1F51B485E83944D4F6599B50DE7263BF431C10FE3D7888DB1BD88096EB751DDEF6BAC4B78F89D1B40C436F1E18C679392B78918E4E93D2D8D79BBAA9EB46E3CE32D54B7D17949D4596A7E0311ED2A03FE031BB4BB12E52BCC21256EBBCC83F67B3313E9CA9D3AB615294597AEF2A1D0D41D95D04BFF81D4C6C87FC73FC9688EFC2F66A3CD647B97D48FCC8679A69AA966AA886593FF61CEDC6B407E383A3D1D9556F90E665FB63D271F2BE3EFCB457A6B775868AD8BD3E7B6F0BEA8CF4B4653B40A988840D78B24C18534FFBBF76AE2DDB49090B039F11DE0A1CF243B4B3B670BEBCEFF423FC108EBFEE3072BF9FCC658F451D6B623A5664D120246576596AE38B242F12E59D903EFB6306BCD3AC28F30F793699AA9665859D4A75138535F8F9F5CBD1CEB7B7F53E8E611FE7F411DEA6B3893A4D27209148241289442291482412894422F93BBF0092D19FEB  <br>Sub-signature ID: 69230  <br>Signature Properties: 29712  <br>Referer URL:   <br>Application File SHA256: 15EB5CB87D8F62AE2AC9CC57F3CF0EE9E1CF7CA85441CF06413965EE43844D5A  <br>Application File CreateTime: 131345563003960675  <br>IPSSubmissionID: 9f99ec5a-ab68-11e7-8fed-806e6f6e6963  <br>Application File Reputation: 0  <br>Application File Prevalence: 0  <br>Remote Address: 23.215.98.113  <br>  <br>OS-Country:1  <br>OS-Language:English  <br>Processor:AMD64 Family 21 Model 2 Stepping 0  <br>System:Windows 10 Home build 14393   <br>Platform-GUID:9D6A5753-F0B2-4D1C-8C05-D06349C5EA1D  <br>DateSubmitted:Sun, 02 Apr 2017 04:21:39 GMT  <br>Product:Norton Security 22.9.1.12"

Replies

Kudos0

Re: Weird IPS Statistical Submission

Hello

I have been seeing the same thing except it has my details since March 31. I'm waiting to see the next IPS definitions, but so far they haven't arrived.

Thanks.

Success always occurs in private and failure in full view. Windows 7 Pro 64 bit NSBU 22.17.0.183 Core Firmware 270 I E 11 Chrome latest one

This thread is closed from further comment. Please visit the forum to start a new thread.