-
November 18th, 2003, 03:22 PM
#1
Norton, strange behavior?
Norton 2003 Security Suite. renwed liscence instead of upgrade to 2004. Updated when they are avaliable. Set to autoupdate. Win XP sp1+fully patched to date. Minus a few things I elected not to install, like stuff related to media player.
Now for the strange behavior. It happens when I search google, post the key words, or try and access a file on the net labeled the same.
Attempted Intrusion "Raq_Apache_dot_htaccess" from your machine against forums.oscommerce.com(216.92.183.243) was detected and blocked
Intruder: localhost(4957)
Risk Level: High
Protocol: TCP
Attacked IP: forums.oscommerce.com(216.92.183.243)
Attacked Port: http(80)
I was configuring my oscart, and had a question So I hit the board above. When I posted a question related to *.htaccess, Norton went off with the above intrusion attempt.
There are others like. Uploader.exe for example. I can also google for these and I get the same results
Can I set a rule in Norton To allow me to access files of these types without giving me any greif. If so I am missing it, cause I did look before posting.
Thanks in advance for any help.
Your heart was talking, not your mind.
-Tiger Shark
-
November 23rd, 2003, 09:43 AM
#2
Member
Re: Norton, strange behavior?
Originally posted here by dopeydadwarf
Norton 2003 Security Suite. renwed liscence instead of upgrade to 2004. Updated when they are avaliable. Set to autoupdate. Win XP sp1+fully patched to date. Minus a few things I elected not to install, like stuff related to media player.
Now for the strange behavior. It happens when I search google, post the key words, or try and access a file on the net labeled the same.
I was configuring my oscart, and had a question So I hit the board above. When I posted a question related to *.htaccess, Norton went off with the above intrusion attempt.
There are others like. Uploader.exe for example. I can also google for these and I get the same results
Can I set a rule in Norton To allow me to access files of these types without giving me any greif. If so I am missing it, cause I did look before posting.
Thanks in advance for any help.
Look under script blocking and tell it to ask you what to do...
-
November 24th, 2003, 12:47 AM
#3
Member
It may be worth it to post this on Symantec's forum to alert there developers that this perticular IDS signature may need to be changed a bit to avoid a 'false positive' if indeed it is one.
-
November 24th, 2003, 01:05 AM
#4
Its listing Localhost as the intruder. I would add that to the trusted sources, it should reduce the number of "attacks" you get.
Also, do you have Apache running? It does list that as the source of the attacks.
Using Proxies with Norton Internet Security can also be a huge cause of trouble. Honestly, I'd just go ahead and use Sygate Firewall instead. Just about as good, easy to use, and it doesn't give this kind of crap.
Best of all...its free at Download.com
I hope the first two ideas might help you out. Let us know either way. :-)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|