Intrusion Attempt

Norton Security | Norton Internet Security
1

Hi,

    I just started up the laptop and i get an intrusion attempt:

 

An intrusion attempt by 192.168.2.1 was blocked. Application path System

Risk Name: NMap Null Scan

 

Then the further details...

When I googled NMap..... I found a post here.

So is that post right, am i safe?

2

That post is absolutely correct. You have nothing to worry here, that attack has been succesfully blocked by the Norton product.

 

Intrusion Prevention scans each incoming packet and outgoing packet individually to look for the patterns that are typical of an attack. It also monitors the packets as a stream of information to identify the attacks that are spread across multiple packets. If the information matches a known attack, Intrusion Prevention automatically discards the packet and severs the connection with the computer that sent the data. This technique protects your computer from being affected in any way. Intrusion Prevention relies on a list of attack signatures to detect and block suspicious network activity. You can find the list here:

 

http://www.symantec.com/business/security_response/attacksignatures/index.jsp

 

Vineeth

3

Ok, Thanks I just want to be on the safe side.

4

I clear my browser cache at least once a day, so I don't think that's the problem.

Holly

5

 

Hi Holly

The link below shows 72.51.47.69 doesn’t seem to have anything to do with Verizon.

 

http://www.ip-address-lookup-v4.com/lookup.php?host=www.ip-address-lookup-v4.com&ip=72.51.47.69+&x=73&y=47

 

Here are a few things to try,

 

Try logging in to your Verizon Home Page on a computer that you haven’t logged in to Verizon previously and if you get the same problem report the situation to Verizon.  If you don’t get the same problem then try the below suggestions

 

Clear your history again and restart the computer.

 

Try flushing the DNS and restarting the computer.  The DNS is a windows function relating to browser history   There’s information on the web about flushing the DNS, use a reputable website.

 

Check for Norton updates manually or right click the Norton icon in the task bar and click, run live updates, and then recheck until there are no more updates restarting the computer as required then try a full Norton scan in safe mode (see help and support from the start menu).  Disconnect the internet before booting into safe mode as Norton appears to be disabled in safe mode only allowing a full scan.

 

 

ATB

 

intesec

 

 

 

 

 

6

For the last several days I have been getting notified by Norton that they have blocked an intrusion attempt by 72.51.47.69. The IPS Alert name is Web Attack: MaliciousToolkit Website 12. I'm glad this has been blocked but am curious why I get it as soon as I sign in to my Verizon Home Page. Yesterday it happened twice--once later in the day.

Holly

7

Thank you for your help.No I am not still seeing the Web Attack Fake Scan Webpage .

8

Hello

Please don't post a screenshot of the fake telephone number. We don't want anyone to try calling them up if they need help. Screenshot with the number masked would be ok.

Thanks.

9

@surfergirlGG2

To sum up bjm_'s comment, you may read the following info:

Your computer is still protected from that tech support scam (when it comes to tech69 dot xyz) or risky site.

More:

  • Update your Norton client to stay secure.
  • Report that site & associated phone number if you can. Sharing a screenshot would be better.
10

You happened upon malicious traffic > Web Attack: Fake Scan Webpage.

This signature detects a fake antivirus scan page that displays false virus scan results. This signature is designed to prevent access to sites that redirect users or perform actions to trick users into calling the scammer and installing misleading applications such as fake antivirus software.
The creators of misleading applications often use web pages with fake antivirus scanners in order to convince users to download and run an executable file. They may also use intermediate sites that redirect users from the site they are visiting to another one offering misleading applications for download.

Norton protects from and blocks malicious traffic. 

Intrusion Prevention protects you from attacks when you are online. It scans network traffic for attack signatures, such as social threats and outbound attacks, that identify attempts to exploit vulnerabilities in your operating system or in a program that you use. To keep you secure, Intrusion Prevention discards packets from computers that try to send data with known attack signatures. It blocks connections to those computers.

https://support.norton.com/sp/en/us/norton-security-with-backup/beta/solutions/v15471442

Are you still seeing Web Attack: Fake Scan Webpage, IPS Alert..?