Un-used Port Blocking and Norton Product Tamper Protection

Norton Security | Norton Internet Security
1

Un-used Port Blocking

 

"Unused Port Blocking has blocked communications"; my Recent History is filled from top to bottom with this.  In-bound  Port 38959.  This happens, on average, every two seconds to a minute.

 

 

Norton Product Tamper Protection 

 

Felt my computer lagging, so, I checked the Background Tasks, Phishing Protection Updates.  Just then, this box appears; just happened again:

 

________________________________________________________________________________

Microsoft Visual C++ Runtime Library

________________________________________________________________________________

 

 

   X             Runtime Error!

                  Program: C:\Program Fi...

                  

                  This application has requested the Runtime to terminate it in an unusal way.

                  Please contact the application's support team for more information.

 

 

 

                                                                      _____________ 

                                                                             

                                                                               OK

                                                                      _____________

                

 

_________________________________________________________________________________

 

Then the Background Tasks window Closed, along with Norton Internet Security, but the icon still remained in the Task Bar, so I hang my Mouse over it and it dis-appears; however, the History stayed Open.  Next, the Norton Internet Security Auto-Fix came up (checked for connection, e.t.c.) and it lead me to a Page which had the heading, something like: "Can't open...".  I then tried to Open Norton Internet Security via Start-Up Menu twice and it never happened the first time, but, then the second time, I noticed the icon was back and Norton Internet Security had Opened.  I then checked my History.  There was eight logs in the Norton Product Tamper Protection, all of which the "Actor" was: c:\\windows\system32\svchost.exe.

Message Edited by Floating_Red on 10-30-2008 11:09 PM
2

Left computer on overnight while doing a Full Scan; this morning Updated Malwarebytes’ Anti-Malware, booted in to Safe Mode, did a Full Scan, re-started in Normal Mode and, when I did, got this pop-up: “Symantec Service Framework encountered a problem and needed to close.  Please tell Microsoft about this problem.” 

3

If you have a port or ports forwarded through your router, the unused port blocking will keep coming up when that port is not being used.  It’s doing the same thing to me.

4
Dch48 wrote:
If you have a port or ports forwarded through your router, the unused port blocking will keep coming up when that port is not being used.  It's doing the same thing to me.

 

I am well-aware of this; just thought I would bring it to symantec's Attention since NY1986 reported that same thing happening and a symantec Employee asked for more details.

 

If you noticed, it was the exact same Port trying to brute-force it-self past the Firewall to Access the computer.

5

Yes it is the same port but I’m not sure if anything is trying to come through or if NIS is just blocking it simply because it’s open.

6
Dch48 wrote:
Yes it is the same port but I'm not sure if anything is trying to come through or if NIS is just blocking it simply because it's open.

 

Hello,

   If you read the words in Quotation Marks in the Un-used Port Blocking, you will see it does Block Communications.  You can also check via the History and Click on "More Details" on the "unused port blocking has blocked communications".

Message Edited by Floating_Red on 10-31-2008 07:52 PM
7

I know it says that but is it really blocking attempts to get through? I would think a notification popup would occur if it was.

8
Dch48 wrote:
I know it says that but is it really blocking attempts to get through? I would think a notification popup would occur if it was.

 

Yes.

 

If they had pop-ups for every time this happened, you would get them from every few seconds on sometimes, to every hour.  Imagine having pop-ups like this every few seconds...

9

NY 1968 is using NAV 2008.

10
Dieselman743 wrote:
NY 1968 is using NAV 2008.

 

Doesn't matter what Norton Product and Version you are using.
11

You will see the "Unused Port Blocking" message when NIS detects an inbound packet directed at a port that is not being used by any running application. NIS will automatically block such packets and there is nothing more for you to do.

 

I have seen this happen after I've run a P2P client for a while and then stop running it. For days after I stop running it, random machines over the internet will try to connect to that (now non-listening) port. If you remove the port-forwarding from the router for those ports, that should stop it.

 

Shane.

12

yes. On my concerns about the unused port blocking, it is very clear that it is being blocked. I had raised the original question to see if anyone else had the same ports being targeted. I have since turned off my computer for a few hours. After I re-booted, I had none of the same constant attempts. I guess they gave up.

 

I have noticed that sometimes unused port blocking will show a blocked attempt of TCP at port 80, which I understand is for web browsing. Not sure why it blocks that but I'm glad because I want no unsolicited inbound contact

Dieselman, i know get NIS and a router :)   I will someday