Solved

McAfee alerts' messages

Posted on 2004-04-19
4
477 Views
Last Modified: 2013-11-16
I wonder if someone could help me. I use McAfee VirusScan Professional Edition,
together with McAfee Guardian Firewall (+ Windows XP). Since the begining of last week I am
getting all the time Firewall messages warning me for attacks - Port Scan Attack (most
frequent) every 2 minutes (average 30 per hour).
Questions:
- Is that a common situation?
- Is it dangerous?
- What can I do to avoid receiving these attacks?
Please help me!
Thanks a lot!
0
Comment
Question by:BestwayLuso
  • 2
  • 2
4 Comments
 
LVL 2

Accepted Solution

by:
LeftofCool earned 50 total points
ID: 10865301
Hi, the attacks you are describing are most likely NetBIOS attacks. NetBIOS is Microsoft's old peer-to-peer networking protocol which Windows XP doesn't even consider accepting unless under certain circumstances. Filesharers who use firewalls experience frequent NetBIOS attacks that aren't malicious but are still blocked. The only reason to worry is if all the attacks are coming from the same IP address. If that is the case, then you could have a piece of spyware on your system that can make your computer susceptible to interest among malicious hackers and could induce real Port-Scanning attacks. To be sure, download Spybot Search & Destroy from this site: http://download.com.com/3000-8022-10194058.html?tag=lst-0-3 . This program will scan you system for spyware, among other things. You might want to set McAfee to alert you only if the activity is malicious activity (or "Hacker Activity" if McAfee wishes to be dramatic). Windows XP coupled with that McAfee package and Spybot should make for a sufficient shield against anything you might come across.

0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 10866735
I wouldn't worry about port scans.  EVERYBODY with an Internet IP address will get these, as part of either automated routines by ISPs to discover what machines are on their networks, or part of automated hacker utilities that enable hackers to ennumerate devices.
What you have to make sure is that any ports you DO have open, and with a personal PC, I wouldn't expect ANY, are secured.
This is a very common situation, is non-dangerous (think of it as background noise), and you can do nothing to stop receiving these, as even if you changed ISP or IP address, you'd still received them.
Do you use an Internet router ?  Or are you just dialling up ?
If you have a router, you can configure that with firewalling to stop these scans at the firewall, rather than letting them annoy you by hitting your internal PC ?
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 10867580
These are port scans, NOT NetBIOS attacks !!
0
 
LVL 2

Expert Comment

by:LeftofCool
ID: 10873426
Forgive me if I assumed in error. I know that firewalls tend to be dramatic about what they pick up. Port scans, as long as they are not all from the same IP address aren't anything to worry about as long as you are adequately protected, and from what you've posted, you are. I very seldom get port scanned, though. I run ZoneAlarm on my laptop and desktop with a Wireless Access Point. The router may be what's protecting me.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question