What is this and how do I stop it? Every 10minutes or so my Norton Anitvirus keeps popping up with "An intrusion attempt by 130.13.161.21 was blocked." with the risk name listed as "MSRPC SrvSvc NetApi Buffer Overflow (2)"
2007-03-21 13:29:45 · 2 answers · asked by Marcus Fenix 2 in Computers & Internet ➔ Security
The last few digits of the number keep changing also
2007-03-21 13:32:54 · update #1
Make sure your computer is up-to-date with all the patches from Microsoft.
what you are seeing is good information. Norton is informing you it has blocked someone from performing a specific attack on your computer. You should be able to tell Norton to stop alerting you of these types of events.
Check the user manual if you can't find information there contact Symantec support for specific help.
2007-03-23 17:27:04 · answer #1 · answered by ruloopy 3 · 0⤊ 0⤋
oftentimes, in programming, you will prefer a chew of reminiscence to place some records into - working example, a non everlasting storage section for records being gained from the community for the duration of processing. you will many times get it from one in each of two areas observed as the 'heap' and the 'stack'. The heap is the suited place to place the buffers; you could ask it for a chew of reminiscence a given length and it will supply it to you. whether, allocating on the heap is inconvenient, and programmers sometimes get lazy and use the stack instead. Now, the stack is undemanding to handle. the laptop handles allocating and doing away with the reminiscence for you. How handy! concern is, the dimensions is fastened while this technique is compiled. while this technique finally places the innovations interior the buffer, it would be careful to not exceed the buffer length, whether that length is exact interior the heap reminiscence request or the stack buffer length. If it does, it's going to overwrite despite comes after that buffer in reminiscence - therein lies the project. If the innovations suitable after the buffer features a code handle - a area wherein the laptop will look to discover some code to run - then the innovations interior the buffer ought to overwrite this handle and ingredient it back into the buffer, the place evil code ought to've been loaded. regrettably, the stack does precisely this. while the laptop enters a technique, it 'pushes' the return handle onto the stack, and then pushes any close by variables, buffers, and so on. The stack grows downward with each and each push - so the object /after/ the main-those days pushed merchandise is the 2nd-maximum those days pushed. As such, your buffers are continuously suitable till now the return handle. So, a buffer overflow make the main works via tricking this technique into putting too plenty records into the buffer. many times this might look purely like this: * various of NOP training - while the CPU runs a sort of it purely strikes to the subsequent without doing something. This compensates for inaccuracy in aiming the return handle. * some malicious code - many times this could be a small ingredient which downloads the real meat of the make the main as quickly because it has administration of the gadget. * An approximation of an handle interior the direction of the NOPs, repeated many cases. The objective right that's to overwrite the return handle with a sort of. If it succeeds, the technique ultimately returns, inflicting the CPU to get better to the 'NOP slide', flow directly to the evil code, and bam, your laptop is under the attacker's administration.
2016-10-19 07:26:31 · answer #2 · answered by troesch 4 · 0⤊ 0⤋