Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Norton Internet Security Problem!
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Filezilla uninstall.exe detected as Prockill-DF? »
« IM Rootkit Tracked To Mid East Group  
AuthorAll Replies

jellybeans27

join:2005-10-28

reply to jvmorris
Re: Norton Internet Security Problem!

Here's an example from my activity log:

Details: Intrusion: Invalid Source IP Address.
Intruder: 255.255.255.255.
Risk Level: Medium.
Source IP address: 255.255.255.255.This IP address is invalid.
Destination IP address: YOUR-JSAHFDNCU3(84.13.89.247).
Protocol: ICMP.
to forum · permalink · · 2005-11-15 16:50:00 · Reply to this


jvmorris
I Am The Man Who Was Not There.
Premium,MVM
join:2001-04-03
Reston, VA		 Looks like it's coming from NIS' IDS subsystem, rather than the firewall. Pity it doesn't give more details about the ICMP message involved.

Maybe Reese can shed some light on this.
--
Regards, Joseph V. Morris
to forum · permalink · · 2005-11-15 16:54:34 · Reply to this


ranschultz
Premium
join:2004-05-28
Canyon Country, CA
·Vonage

1 edit		reply to jellybeans27
This appears to be a smurf type of attack. Somebody on your local segment is sending this packet with the intent of using your machine to amplify the attack and cause a denial of service to your segment or some machine on your segment.

To figure out who it is you'd have to use a packet sniffer to get the ethernet address associated with the offending packet and associate that with an Internet address. Reporting the ethernet address alone to your ISP should be sufficient to track this person down.

Edit: fixed a bone-headed wording mistake.
to forum · permalink · · 2005-11-15 20:34:47 · Reply to this

jellybeans27

join:2005-10-28		 Which 'packet sniffer' do you recommend?
to forum · permalink · · 2005-11-16 06:36:55 · Reply to this
Forums » Up and Running » Security » SecurityFilezilla uninstall.exe detected as Prockill-DF? »
« IM Rootkit Tracked To Mid East Group  

Tuesday, 01-Dec 15:02:52 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.republican-creole
page compression OFF
Most commented news this week
· [77] Comcast Releasing Promised Usage Meter
· [62] Baltimore To Ban Lazy Cable Installs
· [54] Broadband Killed The Game Console
· [43] Rogers Unveils The ISP Dream Model
· [38] Rural Carriers Quickly Embracing Fiber
· [33] AT&T Top Lobbyist Cicconi Has His Feelings Hurt
· [32] Charter Exits Chapter 11
· [24] Midcontinent Socked With Easement Lawsuit
· [21] Vivendi Agrees, Comcast/NBC Deal Soon
· [19] ACTA: Global Three Strikes
Most people now reading
· Windows 7 boot manager editing questions [Microsoft Help]
· Heating - my dad gave me this advice... [Home Repair & Improvement]
· buying a one way ticket [General Questions]
· [Phish] email from CDC "personal vaccination profile" [Spam, Scam and Phishbusters]
· IMG 1.7 (IMG Updates and Discussion) [Verizon FIOS TV]
· Wind getting a little more aggressive [TekSavvy]
· Fun screwing with PuG raids. [World of Warcraft]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· Considering Leaving Vonage, who should I Consider? [VOIP Tech Chat]
· Connecting to Google Voice Via SIP [VOIP Tech Chat]