Solved

Firewall blocked communications

Posted on 2001-08-05
4
213 Views
Last Modified: 2013-12-27
I have the Telus dsl high speed service. I am also
using Norton Internet Security. Recently I have noticed
in the event log that about every 10 seconds a AGT server
is trying to communicate with my computer. Norton says it
has blocked communication on an unused port. This goes
on all day every day every 10 seconds or so. I have
never noticed this amount of blocked communications before. I checked the IP address, and it comes back
belonging to AGT in Edmonton.
 
0
Comment
Question by:ringholio
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 12

Accepted Solution

by:
Otta earned 50 total points
ID: 6356190
This sounds like either:
* the 'Code Red' virus, which scans the entire Internet,
. looking for Microsoft IIS web-servers to infect.
. Details: http://WWW.Incidents.Org
or
* the 'SirCam' virus, which scans for computers with
. "File and Print Sharing" enabled with no password-protection.
. Details:
. (http://www.symantec.com/avcenter/venc/data/w32.sircam.worm@mm.html)
. (http://vil.nai.com/vil/virusSummary.asp?virus_k=99141)
. (http://news.cnet.com/news/0-1003-200-6660198.html)

Probably, you are seeing traffic from *BOTH* viruses.



0
 
LVL 1

Expert Comment

by:wishmaster_xp
ID: 6619313
I'm another Telus ADSL user, for B.C.
What os are you currently using?

I've had a few similar enquiries recently, and in all cases they were WinXP users.

Here's the breakdown:

By default, the WinXP installation turns on Quality of Service (QOS) packets on the detected Internet connection. This sends small packets of data about your Internet experience to your ISP. This is in no way privacy invasive, and works to your advantage. Telus's servers are indeed configured to accept these QOA packets, and send corresponding data back.

MANY firewall applications set off a million false alarms about attempted hackers and the like. If you are running WinXP, turn on the ICF and be done with it.
If you really want some better into, run a traceroute and host lookup on the address. Might also want to give ZoneAlarm a spin on the PC.
For "follow the bouncing ball" PC Security info, go visit
Steve Gibson's website: http://www.grc.com
He's a God among men.
0
 
LVL 1

Expert Comment

by:wishmaster_xp
ID: 6619323
Hey! Also check for those nasty spyware apps.
The most common one I've found lurking on people's PC
currently is courtesy of KaZaa, the media downloaded.
(Napster replacement)

1. Go download AdAware! Can't stress this enough.
http://www.lavasoftusa.com

2. Ditch KaZaa, and look to Morpheus instead. It's the SAME application, minus the spyware. Does have a banner though, but you hav to live with that.........or not.
};->


Happy hunting.

0
 

Expert Comment

by:SpideyMod
ID: 8281342
Force Accepted

SpideyMod
Community Support Moderator @Experts Exchange
0

Featured Post

Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you’re like me and you like peace and quiet, saving money, and pretty lights, then this article is for you. For financial reasons, I buy all the Cisco equipment for my home lab second-hand. The first thing to wear out is usually one of the coo…
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question