Solved

McAfee alerts' messages

Posted on 2004-04-19
4
476 Views
Last Modified: 2013-11-16
I wonder if someone could help me. I use McAfee VirusScan Professional Edition,
together with McAfee Guardian Firewall (+ Windows XP). Since the begining of last week I am
getting all the time Firewall messages warning me for attacks - Port Scan Attack (most
frequent) every 2 minutes (average 30 per hour).
Questions:
- Is that a common situation?
- Is it dangerous?
- What can I do to avoid receiving these attacks?
Please help me!
Thanks a lot!
0
Comment
Question by:BestwayLuso
  • 2
  • 2
4 Comments
 
LVL 2

Accepted Solution

by:
LeftofCool earned 50 total points
ID: 10865301
Hi, the attacks you are describing are most likely NetBIOS attacks. NetBIOS is Microsoft's old peer-to-peer networking protocol which Windows XP doesn't even consider accepting unless under certain circumstances. Filesharers who use firewalls experience frequent NetBIOS attacks that aren't malicious but are still blocked. The only reason to worry is if all the attacks are coming from the same IP address. If that is the case, then you could have a piece of spyware on your system that can make your computer susceptible to interest among malicious hackers and could induce real Port-Scanning attacks. To be sure, download Spybot Search & Destroy from this site: http://download.com.com/3000-8022-10194058.html?tag=lst-0-3 . This program will scan you system for spyware, among other things. You might want to set McAfee to alert you only if the activity is malicious activity (or "Hacker Activity" if McAfee wishes to be dramatic). Windows XP coupled with that McAfee package and Spybot should make for a sufficient shield against anything you might come across.

0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 10866735
I wouldn't worry about port scans.  EVERYBODY with an Internet IP address will get these, as part of either automated routines by ISPs to discover what machines are on their networks, or part of automated hacker utilities that enable hackers to ennumerate devices.
What you have to make sure is that any ports you DO have open, and with a personal PC, I wouldn't expect ANY, are secured.
This is a very common situation, is non-dangerous (think of it as background noise), and you can do nothing to stop receiving these, as even if you changed ISP or IP address, you'd still received them.
Do you use an Internet router ?  Or are you just dialling up ?
If you have a router, you can configure that with firewalling to stop these scans at the firewall, rather than letting them annoy you by hitting your internal PC ?
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 10867580
These are port scans, NOT NetBIOS attacks !!
0
 
LVL 2

Expert Comment

by:LeftofCool
ID: 10873426
Forgive me if I assumed in error. I know that firewalls tend to be dramatic about what they pick up. Port scans, as long as they are not all from the same IP address aren't anything to worry about as long as you are adequately protected, and from what you've posted, you are. I very seldom get port scanned, though. I run ZoneAlarm on my laptop and desktop with a Wireless Access Point. The router may be what's protecting me.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Split tunnel and locally reroute the traffic 3 34
firewall inside of network 9 73
Videos Blocked on espn.com 7 151
ipsec tunnel comme not up 10 79
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.
Many functions in Excel can make decisions. The most simple of these is the IF function: it returns a value depending on whether a condition you describe is true or false. Once you get the hang of using the IF function, you will find it easier to us…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now