Norton Firewall Alert Analysis
I got back from class tonight, and got this message on the pic attached, and the other pic is the norton trace of the IP.
I use Norton personal firewall, along with Norton AV and Ad aware, spybot, all are updated and ran very frequently.
Here is the log entry:
Details: This one time, the user has chosen to "block" communications
Inbound TCP connection
Local address,service is (asdfasd-3v39q1qzj(xxx.xxx.xxx.xxx),1025)
Remote address,service is (xxx.xxxx.xxx.xxx,3442)
Process name is "C:\WINDOWS\System32\svchost.exe"
Basically, I am worried because I wasn't around when Norton asked permission to allow it access to the internet. It happened by itself, not from my normal use. Port 1025 on google came up with internet Blackjack. I don't use anyform of card game on this box. I have found threads on AO about closing it, but I am worried that something is wrong because it attempted to connect by itself.
I am concerned because C:\WINDOWS\System32\svchost.exe doesn't look like blackjack. My specific questions are, what caused this, why was it random, is there someone on the other end at the University of Vermont screwing with me, and are they worth reporting?
Thanks Yall
Soda