Solved

McAfee alerts' messages

Posted on 2004-04-19
4
478 Views
Last Modified: 2013-11-16
I wonder if someone could help me. I use McAfee VirusScan Professional Edition,
together with McAfee Guardian Firewall (+ Windows XP). Since the begining of last week I am
getting all the time Firewall messages warning me for attacks - Port Scan Attack (most
frequent) every 2 minutes (average 30 per hour).
Questions:
- Is that a common situation?
- Is it dangerous?
- What can I do to avoid receiving these attacks?
Please help me!
Thanks a lot!
0
Comment
Question by:BestwayLuso
  • 2
  • 2
4 Comments
 
LVL 2

Accepted Solution

by:
LeftofCool earned 50 total points
ID: 10865301
Hi, the attacks you are describing are most likely NetBIOS attacks. NetBIOS is Microsoft's old peer-to-peer networking protocol which Windows XP doesn't even consider accepting unless under certain circumstances. Filesharers who use firewalls experience frequent NetBIOS attacks that aren't malicious but are still blocked. The only reason to worry is if all the attacks are coming from the same IP address. If that is the case, then you could have a piece of spyware on your system that can make your computer susceptible to interest among malicious hackers and could induce real Port-Scanning attacks. To be sure, download Spybot Search & Destroy from this site: http://download.com.com/3000-8022-10194058.html?tag=lst-0-3 . This program will scan you system for spyware, among other things. You might want to set McAfee to alert you only if the activity is malicious activity (or "Hacker Activity" if McAfee wishes to be dramatic). Windows XP coupled with that McAfee package and Spybot should make for a sufficient shield against anything you might come across.

0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 10866735
I wouldn't worry about port scans.  EVERYBODY with an Internet IP address will get these, as part of either automated routines by ISPs to discover what machines are on their networks, or part of automated hacker utilities that enable hackers to ennumerate devices.
What you have to make sure is that any ports you DO have open, and with a personal PC, I wouldn't expect ANY, are secured.
This is a very common situation, is non-dangerous (think of it as background noise), and you can do nothing to stop receiving these, as even if you changed ISP or IP address, you'd still received them.
Do you use an Internet router ?  Or are you just dialling up ?
If you have a router, you can configure that with firewalling to stop these scans at the firewall, rather than letting them annoy you by hitting your internal PC ?
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 10867580
These are port scans, NOT NetBIOS attacks !!
0
 
LVL 2

Expert Comment

by:LeftofCool
ID: 10873426
Forgive me if I assumed in error. I know that firewalls tend to be dramatic about what they pick up. Port scans, as long as they are not all from the same IP address aren't anything to worry about as long as you are adequately protected, and from what you've posted, you are. I very seldom get port scanned, though. I run ZoneAlarm on my laptop and desktop with a Wireless Access Point. The router may be what's protecting me.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question