Solved

Firewall blocked communications

Posted on 2001-08-05
4
210 Views
Last Modified: 2013-12-27
I have the Telus dsl high speed service. I am also
using Norton Internet Security. Recently I have noticed
in the event log that about every 10 seconds a AGT server
is trying to communicate with my computer. Norton says it
has blocked communication on an unused port. This goes
on all day every day every 10 seconds or so. I have
never noticed this amount of blocked communications before. I checked the IP address, and it comes back
belonging to AGT in Edmonton.
 
0
Comment
Question by:ringholio
  • 2
4 Comments
 
LVL 12

Accepted Solution

by:
Otta earned 50 total points
ID: 6356190
This sounds like either:
* the 'Code Red' virus, which scans the entire Internet,
. looking for Microsoft IIS web-servers to infect.
. Details: http://WWW.Incidents.Org
or
* the 'SirCam' virus, which scans for computers with
. "File and Print Sharing" enabled with no password-protection.
. Details:
. (http://www.symantec.com/avcenter/venc/data/w32.sircam.worm@mm.html)
. (http://vil.nai.com/vil/virusSummary.asp?virus_k=99141)
. (http://news.cnet.com/news/0-1003-200-6660198.html)

Probably, you are seeing traffic from *BOTH* viruses.



0
 
LVL 1

Expert Comment

by:wishmaster_xp
ID: 6619313
I'm another Telus ADSL user, for B.C.
What os are you currently using?

I've had a few similar enquiries recently, and in all cases they were WinXP users.

Here's the breakdown:

By default, the WinXP installation turns on Quality of Service (QOS) packets on the detected Internet connection. This sends small packets of data about your Internet experience to your ISP. This is in no way privacy invasive, and works to your advantage. Telus's servers are indeed configured to accept these QOA packets, and send corresponding data back.

MANY firewall applications set off a million false alarms about attempted hackers and the like. If you are running WinXP, turn on the ICF and be done with it.
If you really want some better into, run a traceroute and host lookup on the address. Might also want to give ZoneAlarm a spin on the PC.
For "follow the bouncing ball" PC Security info, go visit
Steve Gibson's website: http://www.grc.com
He's a God among men.
0
 
LVL 1

Expert Comment

by:wishmaster_xp
ID: 6619323
Hey! Also check for those nasty spyware apps.
The most common one I've found lurking on people's PC
currently is courtesy of KaZaa, the media downloaded.
(Napster replacement)

1. Go download AdAware! Can't stress this enough.
http://www.lavasoftusa.com

2. Ditch KaZaa, and look to Morpheus instead. It's the SAME application, minus the spyware. Does have a banner though, but you hav to live with that.........or not.
};->


Happy hunting.

0
 

Expert Comment

by:SpideyMod
ID: 8281342
Force Accepted

SpideyMod
Community Support Moderator @Experts Exchange
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is a how to to configure a UCS Ethernet-uplink portchannel via the console. It is easy to do and can be done quite quickly. In certain versions of the UCS manager the portchannel has issues coming up and this is a workaround. I am…
Hi there, This article summarizes what you need if you are going to set up your home or small business Network Attached Storage (NAS) to be accessible from the internet. Of course there are configuration differences based on your NAS or router ma…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question