I WENT INTO MY LOG VIEWER IN THE NORTON ANITVIRUS AND IT SAYS IN ALERTS "UNAUTHORIZED LOG ACCESSED". WHAT DOES THIS MEAN? WHY CANT I FULLY DELETE P2PNETWORKS OFF MY COMPUTER? AND DOES ANYBODY KNOW WHAT ICMP PING MEANS? I SCANNED MY COMPUTER FOR THREATS USING SYMANTEC SECURITY AND IT SAID THAT IT WAS OPEN. IM SO CONFUSED. I KNOW NOTHING ABOUT ALL OF THAT. CAN ANYBODY HELP ME?
2006-09-17 22:32:23 · 4 answers · asked by Anonymous in Computers & Internet ➔ Security
AND I KEEP HAVING THIS WINDOW POP UP SAYING "ALLOW ACTIVE X CONTROL TO RUN THIS PAGE" HOW CAN I GET THIS TO GO AWAY?
2006-09-17 22:34:10 · update #1
Hey
Will need some more details to help you out completely but from what you have written..
Unauthorized log access - The exposure of the log files to potential modification does not in anyway affect the security of the product. File modification merely provides a potential way for an intruder to attempt to disguise their illegal activities.
P2P Networks - you can very delete the P2P Networks but I'll have to know what kind of networks are being used on your computer.
ICMP Ping - Internet Control Message Protocol, ICMP is used for error and control messages on the internet. It simply means the network is pinging your computer to check if you are connected to the network at periodic intervals. This sometimes may be abused by the hackers so its better to block it off.
As you said Symantec online scan shows your computer is open, which means your computer is visible on the network / internet which leaves it open for hackers to abuse. The simplest of solution is to get a firewall, I use ZoneAlarm which can be downloaded from Zonelabs.com and is highly recommended. Its very easy to use and configure and works silently without using too much of resources. It also hides your computers on the networks and the suite version also has an Anti-Virus with it so you may just get a single product once your norton expires till then use the free firewall version. After installing the firewall you may run the online scan again to make sure its well configured.
All the best!!
2006-09-17 22:55:12 · answer #1 · answered by Anshul 2 · 2⤊ 0⤋
If you worry about the external network intrusion into your network/machine it is better if you use either Network Intrusion Detection System / Firewall.
Many quality products are available for free the only thing is that you should have to install and regularly maintains them.
An antivirus is not going to stop the intrusion not much and better go for two antivirus just because no product available in the market cure all the viruses though they claim so.
ICMP is used by the IP layer to send one-way informational messages to a host. There is no authentication in ICMP, which leads to attacks using ICMP that can result in a denial of service, or allowing the attacker to intercept packets. There are a few types of attacks that are associated with ICMP shown as follows:
ICMP DOS Attack : Attacker could use either the ICMP "Time exceeded" or "Destination unreachable" messages. Both of these ICMP messages can cause a host to immediately drop a connection. An attacker can make use of this by simply forging one of these ICMP messages, and sending it to one or both of the communicating hosts. Their connection will then be broken. The ICMP "Redirect" message is commonly used by gateways when a host has mistakenly assumed the destination is not on the local network. If an attacker forges an ICMP "Redirect" message, it can cause another host to send packets for certain connections through the attacker's host.
ICMP packet magnification (or ICMP Smurf): An attacker sends forged ICMP echo packets to vulnerable networks' broadcast addresses. All the systems on those networks send ICMP echo replies to the victim, consuming the target system's available bandwidth and creating a denial of service (DoS) to legitimate traffic.
Ping of death: An attacker sends an ICMP echo request packet that's larger than the maximum IP packet size. Since the received ICMP echo request packet is larger than the normal IP packet size, it's fragmented. The target can't reassemble the packets, so the OS crashes or reboots.
ICMP PING flood attack: A broadcast storm of pings overwhelms the target system so it can't respond to legitimate traffic.
ICMP nuke attack: Nukes send a packet of information that the target OS can't handle, which causes the system to crash.
2006-09-18 05:43:21 · answer #2 · answered by Jayaprakash V 2 · 0⤊ 0⤋
ICMP - Internet Control Message Protocol - usually used to find out what services you have running on your PC.
PING - a bunch of IP packets sent to your PC to an IP address (usually a computer) to see if it exists.
"Open" means that you have service ports on your PC that are accepting connectons from the Internet. Usually only servers should have ports open, but in the case of P2P applications you may need to open various ports to allow other PCs to connect to you.
Go here:
http://www.grc.com/default.htm
and follow the links to ShieldsUp to test the security of your PC and read, read, read.
PS. Please don't use capitals, it's considered bad netiquette.
2006-09-18 05:46:27 · answer #3 · answered by Anonymous · 1⤊ 1⤋
Norton sucks to be honest. Try AVG or PC-Cillin, much better and less drag on your memory and processor.
2006-09-18 05:34:01 · answer #4 · answered by jasontogs 3 · 0⤊ 1⤋