Hi phral,
Version 15.5.0.23 is NIS 2008.
The SWF attack issue is being reviewed by Symantec Staff.
Well something weird is happening on your computer.
Waitress at the IMDB site has no problems for me. That was a great movie. Try this link and see if it works on their site:
http://www.imdb.com/title/tt0071275/literature
(No particular reason except I'm the one who wrote the story the movie is based on. 
)
Oops, I'm getting off topic.
Anyway, if you're getting blocked, it sounds like something else is happening. Do you have pop-ups blocked in IE 7? I do, and IMDB still finds a way to sneak them through -- maybe one of those are triggering the interception.
mijcar, you misunderstood. We’re NOT being BLOCKED ACCESS to said websites. We can still acces them, what NIS is telling us is that ATTACKS/INTRUSIONS are being blocked either FROM these legit websites or TO these websites FROM US. The problem is, these are most likely false positives.
Message Edited by Gravel on 09-21-2008 07:51 PM
Sorry -- that's the problem with shorthand.
Yes, I know you can get there.
I meant that there is nothing on that site that is coming my way that needs blocking. But I was wondering if somehow the popups that are launched there were triggering interceptions.
But otherwise I should get the same false positives as you, right? And I'm not. Unless you have different settings than I do. My settings are at NIS' defaults.
Therefore, the most likely culprit is something on your computer that is different than something on my computer. If it's not Norton, then it must be something else. A new virus ....?
Hi mijcar,
It may be some type of drive-by intrusion attempt. I have just recently received two similar intrusion attempt notices while visiting legit websites such as a popular place to check the weather; and I didn't click on anything there!
The "Attacking url" is not the legit website, but the "Attacking Computer" is mine - probably because the Attacking url is attempting to use the Flashplayer or Shockwave on my computer.
I don't believe it to be anything on my computers as they are very clean and all have the latest Flash Player Update. I'm currently researching this and I am submitting some info to Symantec employee Tim Lopez who was working on this in an earlier post.
It may turn out to be false positives, but it could indicate a rise in this type of drive-by attack.
Message Edited by Phil_D on 09-21-2008 08:41 PM
Hello All,
Has anyone who has experieced this issue tried updating to the 2009 products ( http://www.norton.com/nis09 )? If so, did it resolve the issue for you?
Phil, by "drive-by-attacks" you mean the kind of attacks in which someone tries to hack your laptop WIFI signals right? Well I don't have a laptop and I never use WIFI. All I have is a single desktop computer.
Hi Tim,
Yes I have experienced this with NIS 2009.
I think you should have received my info along with a screenshot forwarded to you from Tony.
Hi Gravel,
A drive-by attack is not limited to wireless.
In short, a legitimate website unknowingly may have malicious code injected into it. When a visitor goes to that website, they can become infected even if they don't click on anything!
That may be what is causing the NIS notifications of blocked intrusion attempts. If so, I'm glad I have NIS 2009 installed!
This article by John Harrison gives a much better explanation.
Message Edited by Phil_D on 09-22-2008 02:18 PM
A drive-by would be a possible explanation except I've visited the site and Norton found nothing. If Gravel experienced the problem both before and after my visit, then it would seem to exclude a drive-by incident.
Hey mijcar,
I can appreciate your comments; however I was not able to duplicate my own event by revisiting the website in question. It may be a radomized attack or it could be a false positive.
I am going to withhold final judgment until Tim Lopez and the tech team can decipher the information sent to them.
Phil,
In this case I am kind of saying the flip-flop of that.
If gravel is STILL getting items blocked when he visited "Waitress" on imdb.com, then it is likely that it isn't a drive-by (since I don't). If when he visits, he goest nothing blocked, then I'm with you -- good chance it was a drive-by.
Hi mijcar,
As an experiment, I'll try that website tonight and report back with my results.
And....I get to critique your story!
Talk to you later on.
Tim_Lopez wrote:Hello All,
Has anyone who has experieced this issue tried updating to the 2009 products ( http://www.norton.com/nis09 )? If so, did it resolve the issue for you?
Hi Tim,
I've not updated to NIS 2009 yet, but in my case this is only happening with NIS 2008 and Win XP/IE7 and not with NIS 2008 and Vista/IE7 (now IE8 beta). Also, these intrusion notifications only started at the end of August this year whereas I seem to have had the latest version of the Adobe Flash browser plugin since March. The notifications are very sporadic and I haven't had one for several days. I tried the movie database website mentioned by one poster and NIS didn't react at all. It seems like all of us are having different experiences with these intrusion notifications. My computers are all regularly patched and 100 percent malware free (I hope 
), and I regularly clear out my browser cache, temp files etc., so I can't think what could have caused an outbound intrusion attempt.
Debbie
Debbie,
Adobe has had significant changes in its Flash program because of security issues and there have been at least two updates since March.
I recommend you run a scan from www.secunia.com (you might even want to install their free software) and find out which of your common programs need upgrades.
Hi Mij,
Yes I have run the scan and yes, my Adobe Flash Player is the latest version. Actually, I don't really know when it was installed but when I looked in the downloaded programs folder in Windows a couple of days ago, I saw that a Shockwave Flash Object with the version number mentioned in this forum carried a "creation date" of 3/25/2008. After that I checked the entry for Adobe Flash Player ActiveX in my add/remove programs directory and the version number was the same - 9.0.124.0. Just to be doubly sure, I tried updating it via Adobe's website but it reports my flash player as current.
Debbie
Hi mijcar,
Well, I checked out Waitress on the site you mentioned and I got no intrusion attempts. But as I mentioned, I received one attempt on each of two computers while visiting two different legit websites.
So I guess I'll wait to see what Tim Lopez comes up with.
By the way I watched a number of the clips - good storyline! My Congratulations!
I guess the big question is whether or not Gravel still gets these "hits". If he does and we don't, then it doesn't sound like drive-by's. If he doesn't and we don't, then I will second your guess of drive-by.
But you're absolutely right -- both of us are groping in the dark. 
Let's see what the masters have to say if they ever get to this thread.
(Oh - thanks for the comments regarding the movie.)
Message Edited by mijcar on 09-22-2008 08:43 PM
Any movement on this issue yet. Having the same "HTTP Adobe SWF" issues on several sites as others have reported.
Used Norton Products for 10+ years, then switched to ZAISS for two years, and have now returned to Norton after too many issues ZAISS and the good reviews for NIS2009. So far am very impressed with the efficiency of the rewrite.
Still getting this on a few sites. I just wish some clarification on this would be given.