I am a relatively new user to Norton 360 but have used Norton products for many years. Today , for the first time ever I recieved this warning upon visiting a certain website"Web Attack: Malicious Toolkit Blocked", I am not sure what I should do. I recieved two separate warnings different times that I visited the website. Could something like an ad on the site be causing Norton to show this warning?
I found this page http://www.symantec.com/business/security_response/attacksignatures/detail.jsp?asid=24089 on Norton about it and the other (one was toolkit 9, the other was toolkit 4), but I find it confusing. NOrtons details states that no further action is required. Norton Details stated that an ip adresss matches known attack and was resulted from device/hardiskvolume2/programfiles/mozillafirefox/firefox.exe. Does this mean that it was trying to attack my browser? What does the harddisk volume2 mean? (firefox in on my c drive not external storage drive)
What would you do? I ran regular full system scan of my computer and dumped temp files. What else would you do? I have an old version of Malware bytes installed but cant find info on their page on how to upgrade to the version model. Do I need to run this too? What about the Norton Power Eraser? Do I need to run this also? Upon reasearching this message one person said they used No Script firefox addon and didn't get this warning anymore. Do I need this and is it compatible with 360?
I am guessing that this notice is norton 360 just doing its job, but seeing as I am new to 360 and never had a notice before I wanted to get expert advice. I am not noticing anything else amiss but I would rather be safe than sorry. What should I do?
Every so often, and rather frequently actually, flaws are discovered in various software programs and operating systems that can be exploited by the bad guys to install malware with no user action required. Programs like Java, Adobe Flash Player, Adobe Reader and all browsers are most often targeted for attack. The software makers issue updates which patch the vulnerabilities as they are discovered, but if you have not installed the patch for a particular flaw or if no patch has been made available yet, your machine will be at risk. A toolkit is a prepackaged set of exploits that will look for multiple vulnerabilities when it runs. JavaScript contained in a malicious ad is often used to launch an attack and that is why the NoScript add-on, which blocks JavaScript on sites until the user specifically allows it, is so helpful in preventing attacks. NoScript makes browsing more inconvenient, since the user needs to allow scripting on a site-by-site basis, but it is definitely safer to selectively allow JavaScript than to let every site, including third-party advertising sites, run scripts unimpeded.
Norton's Intrusion Prevention System (IPS) can also protect you from many attacks of this type, as it did in the case of your toolkits. It uses signatures to recognize known attacks and exploits, and blocks them when they are detected. By stopping the vulnerability exploit, IPS seals off that avenue of attack that could otherwise be used to install all sorts of malware on a user's system. It is a good idea to avoid sites that have prompted an IPS alert, at least for awhile until the malicious content is cleaned up.
I am a relatively new user to Norton 360 but have used Norton products for many years. Today , for the first time ever I recieved this warning upon visiting a certain website"Web Attack: Malicious Toolkit Blocked", I am not sure what I should do. I recieved two separate warnings different times that I visited the website. Could something like an ad on the site be causing Norton to show this warning?
I found this page http://www.symantec.com/business/security_response/attacksignatures/detail.jsp?asid=24089 on Norton about it and the other (one was toolkit 9, the other was toolkit 4), but I find it confusing. NOrtons details states that no further action is required. Norton Details stated that an ip adresss matches known attack and was resulted from device/hardiskvolume2/programfiles/mozillafirefox/firefox.exe. Does this mean that it was trying to attack my browser? What does the harddisk volume2 mean? (firefox in on my c drive not external storage drive)
What would you do? I ran regular full system scan of my computer and dumped temp files. What else would you do? I have an old version of Malware bytes installed but cant find info on their page on how to upgrade to the version model. Do I need to run this too? What about the Norton Power Eraser? Do I need to run this also? Upon reasearching this message one person said they used No Script firefox addon and didn't get this warning anymore. Do I need this and is it compatible with 360?
I am guessing that this notice is norton 360 just doing its job, but seeing as I am new to 360 and never had a notice before I wanted to get expert advice. I am not noticing anything else amiss but I would rather be safe than sorry. What should I do?