Hey all,
When I ran my Nortons update it wanted me to restart my computer afterwards. Well I restarted it and I saw something in my LOG I have never seen before.
Inbound UDP packet allowed.
Local Address (69.XXX.XXX.201, Port (64288) ).
Remote Address (68.XX.XX.246, Port (53) ).
Did Nortons just let a virus in?
I know UDP packets can contain viruses and it let it in while the computer was rebooting. Could the defense system have been down during the reboot?
"Early Load" is turned on in the options section, but could it take the program a minute or two after reboot to work?
I did a virus full virus scan and it shows nothing.
Hi MarcHatzi,
This is nothing to worry about. Your firewall only allows packets in when some program running on your computer has requested them. Anything else will be blocked. In this case something requested a DNS lookup to find an address on the internet, possibly to find a server to check for updates. The reply was therefore allowed. There is nothing unusual about this. DNS lookups are routine and use the UDP protocol. UDP packets do not contain viruses. Your protection was entirely up and running as is evidenced by the fact that the firewall saw the communication, allowed it and logged it.
You do not need to take any actions based on log entries such as this. Norton is simply recording the events that it is monitoring. If anything out of the ordinary occurs that requires your intervention or attention, Norton will alert you to such a problem. Unless you are an expert, it is not necessary, nor advisable, to comb through the Norton logs looking for problems. Anything you spot will have already been taken care of by Norton, or was never a threat to begin with. Unfortunately, the logs can sometimes cause unfounded concerns simply because all the information presented there deals with technical stuff that most users are unfamiliar with.