Re: Norton Firewall/NIS message about incoming UDP connection
From: Carey Frisch [MVP] (cnfrisch_at_nospamgmail.com)
Date: 11/29/04
- Next message: Carey Frisch [MVP]: "Re: Windows Firewall is off, but still receiving RPC error when running GPMC RSoP"
- Previous message: Chadman: "Re: msn home pages doesn't display the macromedia clip"
- In reply to: Bill Evans: "Norton Firewall/NIS message about incoming UDP connection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 29 Nov 2004 08:49:00 -0600
Please visit the experts in the Windows Firewall Newsgroup:
news://msnews.microsoft.com/microsoft.public.windows.networking.firewall
-- Carey Frisch Microsoft MVP Windows XP - Shell/User Be Smart! Protect Your PC! http://www.microsoft.com/athome/security/protect/default.aspx --------------------------------------------------------------------------------- "Bill Evans" wrote: | The firewall in Norton Internet Security 2004 has given me this message ten | times in the past two hours: | | ---- | A remote system is attempting to access Microsoft Generic Host Process for | Win32 Services on your computer. | ---- | | The last incoming IP is 169.254.205.18, but it's not the same IP each time. | Interestingly, IP's in the 169.254.x.y range are passed out by Windows when | you tell it to use DHCP to get an address and there is no DHCP server, but | the other IP's were not in that range nor in the 192.168.x.y range, but I | digress.... | | I've searched the internet, and found several message boards that offer tech | help where people were told "Don't worry about it, allow it.". | | Also NIS itself suggests that I allow it. | | I've been denying it each time because it's INCOMING, it wasn't coming in | yesterday, I don't know what it is or why it might be trying to send me UDP | packets, and I don't think it has my best interests in mind. ;-) | | So now I have some questions: | | 1) What is it, and why did it all of the sudden start picking on me? Of | course I suspect it's a worm looking for an open socket. | | 2) Why is NIS suggesting I allow it? | | 3) How is a remote IP able to reach me through my LinkSys router? Here is | my current IP info: | | ----- | Windows IP Configuration | | | Ethernet adapter Internet Connection: | | Connection-specific DNS Suffix . : | IP Address. . . . . . . . . . . . : 192.168.1.100 | Subnet Mask . . . . . . . . . . . : 255.255.255.0 | IP Address. . . . . . . . . . . . : fe80::2e0:4cff:fe00:1211%4 | Default Gateway . . . . . . . . . : 192.168.1.1 | | Tunnel adapter Teredo Tunneling Pseudo-Interface: | | Connection-specific DNS Suffix . : | IP Address. . . . . . . . . . . . : fe80::5445:5245:444f%5 | Default Gateway . . . . . . . . . : | | Tunnel adapter Automatic Tunneling Pseudo-Interface: | | Connection-specific DNS Suffix . : | IP Address. . . . . . . . . . . . : fe80::5efe:192.168.1.100%2 | Default Gateway . . . . . . . . . : | ----- | | At first I couldn't think of any changes I've made to bring this on, but now | I remember that I did install all of the Windows XP components listed under | "Networking Services" (UPnP UI, Simple TCP/IP services, etc.) last night. | | Is that what's causing this? Also is that why I have these funky IP's | listed under IPConfig <above> that I've never seen before? | | -- | bill evans
- Next message: Carey Frisch [MVP]: "Re: Windows Firewall is off, but still receiving RPC error when running GPMC RSoP"
- Previous message: Chadman: "Re: msn home pages doesn't display the macromedia clip"
- In reply to: Bill Evans: "Norton Firewall/NIS message about incoming UDP connection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
