Posted on 07/01/2004 9:36:01 AM PDT by cgk
Thank you... reading it now. (wow, extensive!!!)
Change to Arial font because it is easier to read.
Possibly? It was trying to open "my comments" via the pager, which opens fine now, but there are pics in the page...
If the file or folder is in use by the system as a background task process, Windows won't let you delete it until you close the program or end the process in the task manager.
Good idea.
Norton Internet Security is known to be "highly strung" when it comes to issuing alerts. The usual advice is to set it to report only alerts of a critical nature, which should eliminate bogus alerts like the one you encountered here.
That's what I would recommend. Any non-threatening alert would spook any "newbie" into thinking some intruder is snooping around inside the computer.
Garde la Foi, mes amis! Nous nous sommes les sauveurs de la République! Maintenant et Toujours!
(Keep the Faith, my friends! We are the saviors of the Republic! Now and Forever!)
LonePalm, le Républicain du verre cassé (The Broken Glass Republican)
The latest thing in spyware is to attach it to a .jpg or like file so that when it is accessed it loads the spyware.
It's possible that a linked picture had spyware embedded in it.
Okay... I opened the settings, and the personal firewall settings are on "medium (recommended)". Although you see it notified me to the low threat above. Should I change it to "high" only?
LOL! Using Mozilla since the reboot.
The Norton screenshot does not show a port number, but according to the tcpdump utility on Mac OS X, the FR pager is sending traffic to port 51524.
That's the usual recommendation if you don't want to be bugged by non critical alerts.
Since I restarted, I can't find the details of the last "attack". It wiped them all. If it happens again, I'll look for the port # and see if it's the same.
I guess what I am trying to say is, for example, the first time I run an application, Sygate asks me if I want that application to have access to the internet, I check "Remember my answer" and click Yes. From that point on, I can open my browser and Sygate remembers that I wanted the browser to be able to access the web and doesn't need to ask me again since I told it to remember my answer.
Otherwise, if I clicked yes without checking the box, it asks me everytime I open the browser.
Thank you to all of you who have tried to help me with this!
Okay... I have Mozilla 1.6. I just read their FAQ and I will download Firefox now. I am pretty sure that both occurrences happened when I was using IE. Old habits are hard to break and all that. Based on what Ernest said on the other thread he linked to in #10, it looks like I need to download some more stuff. (adaware doesn't seem to be enough).
I just tried the FR pager again in both IE and Mozilla and nothing happened. It may be what Bikers said - a picture with something embedded from some thread somewhere, although it won't repeat itself (Good!!!!).
I'll reset my firewall to high and see how that works.
Hopefully this thread will fizzle. Meaning no more problems for me or anyone else. ;)
Thanks to FReepers, I moved to Mozilla Firefox yesterday.
Your machine chooses an unused local port when it makes its "call" to FR. 51,524 or any of about 30,000 to 60,000 other possibilities. Sometimes it chooses a port that is known (to the firewall) to be used by some service (such as MSSQL) and because some firewalls are less than intelligent, not knowing or caring from where the connection originates (the local machine), they sniff any old traffic with abandon, and occasionally squawk when they sample a known exploit signature (just a string of bytes not necessarily representing malice.)
Imagine the same firewall software configured to alert whenever it sees "cat." (Advocated by dog enthusiasts, no doubt a critical alert.) It now constantly goes off on any -cat- word: advocate, allocate, catalog, vacation, etc. This is basically how the exploit detection mechanism works, it's just looking for a pattern of bits, sometimes in a particular place (the third through fifth letters perhaps in the cat example--alerting on vacation but not catalog), sometimes it doesn't have the luxury of specific location, and searches the entire packet.
Some problems of false positives can be alleviated switching to a "smart" firewall: a stateful one. Especially smart firewalls "speak" the application protocols--to decipher the meaning of the packet (effectively knowing that vacation is not feline, don't alert.)
You really do explain this well, and of course, I've got to ask you why, suddenly, similar experiences -- sort of a web page server "broken window" type of system error? Could it have just been a sequence of "cat" appearing on a thread/post page, activating port unreponses, possibly in ports configured similarly?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.