Intrusion attempts at your site.


T

Joined
26 Nov 06
Moves
4690
Clock
29 Nov 06

Why does Norton anti-virus keep on detecting and blocking medium risk intrusion attempts when I am playing at your site 2-3 times a day?

DS

Joined
22 Aug 05
Moves
26450
Clock
29 Nov 06
2 edits

Originally posted by Teshuvah
Why does Norton anti-virus keep on detecting and blocking medium risk intrusion attempts when I am playing at your site 2-3 times a day?

Because when you are playing at this site you are on the internet - hence they could be coming from anywhere. Where does Norton say they are from?
It also means that Norton is doing its job and stopping the bad stuff.
I just looked at my firewall log and it says there have been 48000 odd blocked intrusions. And that's only from the last few months.

T

Joined
26 Nov 06
Moves
4690
Clock
29 Nov 06
1 edit

I know I'm on the internet...

However very rarely do I get intrusion attempts from any of the other sites I visit. In fact I don't. I get the odd attempt every now and then if I go to a new-to-me site.

Since discovering Red Hot Pawn I get no less than 3 a day here. In about 1hr. of time spread about the day.

I will have to check on the next one to see exactly *where* they are coming from. I don't know much about firewalls etc and just do what Norton recommends every time I get one, which is basically nothing.

DS

Joined
22 Aug 05
Moves
26450
Clock
29 Nov 06
1 edit

Originally posted by Teshuvah
I don't know much about firewalls etc and just do what Norton recommends every time I get one, which is basically nothing.

Is there a box to check when you are notified [or somewhere in the settings/preferences] saying not to keep notifying you?
I'm using Zone Alarm Firewall and there is with that.

w

Australia

Joined
05 Sep 03
Moves
16808
Clock
30 Nov 06

The reason is because one of your advertisers (for those not subscribers) is an intrusive bit of spam/spyware that should be stopped immediately.

T

Joined
26 Nov 06
Moves
4690
Clock
30 Nov 06

Ok, just got another one when I clicked on the profile of a guy I am playing. There were no ads on the page, if that matters.

"A computer with the IP address 127.0.0.1 sent information that is characteristic of the HTTP_ActivePerl_Overflow attack."


From Norton's site:

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a buffer overflow vulnerability in the ActivePerl Perl implementation.


I don't like all of these intrusion attempts I am getting here. Especially since reading up on them.

Neat site but I don't feel it is very secure.

DS

Joined
22 Aug 05
Moves
26450
Clock
30 Nov 06

If Norton is blocking the intrusions, you have nothing to worry about, have you?

T

Joined
26 Nov 06
Moves
4690
Clock
01 Dec 06

Who are you?

Are you like the community response team all in one?


You do know that Norton has failed to block things in the past, right? RIGHT?


Run along now if you're done being helpful.

K
Happier Now!!

Home!!

Joined
19 Oct 04
Moves
176085
Clock
01 Dec 06

Originally posted by Teshuvah
Who are you?

Are you like the community response team all in one?


You do know that Norton has failed to block things in the past, right? RIGHT?


Run along now if you're done being helpful.

There appears to be an intruder that has found a way into RHP. Russ is looking into it now.

As for secure. I have yet to get any of these notices. (I run McAfee at home and Norton at work) and I have been on the site for a year.

I would recommend using the site feedback at the bottom of the screen to inform the site Admin just exactly what you have found and see what can be done to correct this problem.

a

Joined
19 Feb 02
Moves
32077
Clock
01 Dec 06

Originally posted by Teshuvah
Who are you?

Are you like the community response team all in one?


You do know that Norton has failed to block things in the past, right? RIGHT?


Run along now if you're done being helpful.

Considering the fact that Dr. S. is trying to help you, you could be a little more thankful and polite. Even if a particular response didn't help you, just say so, and don't do it through some smart ass questions.

Adje

tmetzler

Joined
03 Sep 03
Moves
87628
Clock
01 Dec 06

Originally posted by KJCavalier
There appears to be an intruder that has found a way into RHP. Russ is looking into it now.

Is this an OFFICIAL response? Or are you making this up? I don't see anything in announcements or in Russ' recent forum posts.

tmetzler

Joined
03 Sep 03
Moves
87628
Clock
01 Dec 06

Originally posted by Teshuvah
"A computer with the IP address 127.0.0.1 sent information that is characteristic of the HTTP_ActivePerl_Overflow attack."

I don't know how Norton works, but are you aware that 127.0.0.1 is simply a loopback address? And from that quote, it would seem the data/attack ORIGINATED from YOUR machine. Not from RHP.

DS

Joined
22 Aug 05
Moves
26450
Clock
01 Dec 06

Originally posted by tmetzler
I don't know how Norton works, but are you aware that 127.0.0.1 is simply a loopback address? And from that quote, it would seem the data/attack ORIGINATED from YOUR machine. Not from RHP.

He thinks a notification from Norton means his computer security has been breached, when in fact ALL computers are having 'intrusions' blocked - that's what people get the software for in the first place.

T

Joined
26 Nov 06
Moves
4690
Clock
01 Dec 06

Don't confuse yourself dr strangeone.

I know full well what Norton does and is for. My only concern was the sheer amount of attempts I get when at this site, and only this site. A concern you've seemingly failed to grasp to this pt.

I've taken kjc's helpful advice and am in contact with the admin of this site now on the matter and so this conversation can end. Or you can continue in your delusions about what I believe on the matter.

Have a nice day!

I

Joined
16 Oct 06
Moves
4532
Clock
01 Dec 06

Originally posted by Teshuvah
Ok, just got another one when I clicked on the profile of a guy I am playing. There were no ads on the page, if that matters.

"A computer with the IP address 127.0.0.1 sent information that is characteristic of the HTTP_ActivePerl_Overflow attack."


From Norton's site:

Severity: High

This attack could pose a serious security threat. You should ...[text shortened]... here. Especially since reading up on them.

Neat site but I don't feel it is very secure.

1. 127.0.0.1 is the IP address of your own computer.

2. NIS does not recognize a threat called HTTP_ActivePerl_Overflow, nor is it listed on the Symantec website.

3. Attacking the ActivePerl buffer would be almost pointless as very few people will have ActivePerl installed on their computer.
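
Added example, not written by any poster in this thread: the source-address check that the last replies apply by hand to the quoted alert, in Python. The function names and the next-step wording are assumptions of this example; the first sample line is the alert quoted in the thread and the others are constructed.

```python
import ipaddress
import re

# Wording of the alert quoted in the thread; other products word it differently.
ALERT_RE = re.compile(
    r"A computer with the IP address (?P<ip>\S+) sent information that is "
    r"characteristic of the (?P<sig>\S+) attack")

NEXT_STEP = {  # hypothetical triage hints, keyed by address scope
    "loopback": "traffic stayed on this machine: find the local process that sent it",
    "link-local": "same network segment: check neighbouring devices",
    "private": "inside the local network: check other hosts and the router",
    "public": "remote host: compare with the addresses of the site being visited",
    "other": "special-purpose address: treat the source field as unreliable",
    "invalid": "not an IP address: treat the source field as unreliable",
}

def classify_source(ip_text):
    """Return the scope of an alert's source address."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return "invalid"
    # Order matters: loopback and link-local ranges also count as is_private.
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"
    if ip.is_private:
        return "private"
    return "public" if ip.is_global else "other"

def triage(alert_text):
    """Parse one alert line; return None if it is not in the expected wording."""
    m = ALERT_RE.search(alert_text)
    if m is None:
        return None
    scope = classify_source(m.group("ip"))
    return {"signature": m.group("sig"), "source": m.group("ip"),
            "scope": scope, "next_step": NEXT_STEP[scope]}

TEMPLATE = ("A computer with the IP address {} sent information that is "
            "characteristic of the HTTP_ActivePerl_Overflow attack.")
# 127.0.0.1 is the address from the thread; the other three are constructed.
SAMPLES = [TEMPLATE.format(ip) for ip in
           ("127.0.0.1", "192.168.1.20", "8.8.8.8", "not-an-ip")]

if __name__ == "__main__":
    for line in SAMPLES:
        print(triage(line))
```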
