Re: Attempted Intrusion "MS ASN1 Integer Overflow TCP" "Help needed!"

http://www.dnsstuff.com/tools/whois.ch?ip=10.0.0.1
This IP address belongs to Internet Assigned Numbers Authority.

http://www.dnsstuff.com/tools/whois.ch?ip=90.235.136.35,1808
The above is an ISP in Sweden.
Is this your internet provider ?

*What* is telling you that the system is 'under attack', please ?

MowGreen [MVP 2003-2008]
===============
*-343-* FDNY
Never Forgotten
===============


captain_mariah wrote:
I am still getting attacked every time I go online. I have updated every program I can think off, even *Third part*. However, I don't have so many Third part software since allmost all programs came with the computer when I got it. I don't usually download programs, the only one I have downloaded that I can think off is MSN Messenger. I used to have XP, could it be that I have downloaded programs for XP into the vista such as Office programs. Could they be the weakness?

I have never had this program before, it is only now, since april, that I am getting these attacks.

I keep getting messanges like:

Details: Attempted Intrusion "MS ASN1 Integer Overflow TCP" against your machine was detected and blocked.
Intruder: 90.235.156.52,3287
90.235.136.35,1808
90.235.150.119,3035
and so on..
Risk Level: High.
Traffic description: TCP, 3287

I also get portscans now and then. For example:

Intruder: 10.0.0.1, 53
Traffic description: UDP, 53

Please tell me, is there something I can do to aviod being attacked or stop them from even trying to attack my computer when I am online?

There is no patch for this?

Getting desperate... :(






"MowGreen [MVP]" wrote:


Important As of May 2004, the most current versions of the files that are listed in this article (828028) are available in MS04-011:
835732 (http://support.microsoft.com/kb/835732/) MS04-011: Security update for Microsoft Windows

Microsoft Security Bulletin MS04-011
Security Update for Microsoft Windows (835732)
http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx

Neither XP SP2 nor Vista are listed under Affected software.
Nor are they listed on the Symantec page:
http://securityresponse.symantec.com/avcenter/attack_sigs/s20409.html

HOWEVER, there are 3rd party softwares listed that *are* vulnerable and are listed in the Symantec article. And, the version of NAV that is installed is * outdated *.

*** The system is being attacked because * 3rd party * software is vulnerable. ***
So, the question begs, have you kept *3rd party* software updated ?

For no-charge assistance with an exploited, compromised system:

" No charge support
• Call 1-866-PCSafety or 1-866-727-2338

This phone number is for virus and other security-related support. It is available 24 hours a day for the U.S. and Canada. For phone numbers outside of the U.S. and Canada, select your region.
http://support.microsoft.com/common/international.aspx?rdpath=4 "



MowGreen [MVP 2003-2008]
===============
*-343-* FDNY
Never Forgotten
===============



captain_mariah wrote:


I have the same probem.

According to the website ( http://securityresponse.symantec.com/avcenter/attack_sigs/s20409.html) users are strongly advised to obtain fixes as soon as possible with a patch.

The only problem is there don't seem to be one for Microsoft Windows Vista Home P. So, how do I fix it for the Vista program?

How come my computer suddenly is continuisly attacked by this now everytime I go online? Can I prevent this from happening? Will the attacks disappear after a while? (and I don't mean shutting the notifications down; will it attack my computer for ever now?)

How do I prevent this kind of attacks? Is there websites should you avoid at all cost (forums, yahoo..and so on)?


"Sami" wrote:



Hello,

I for the last couple of days i keep receiving the following annoying message generated by my Norton Anti virus 2006:

Details: Attempted Intrusion "MS ASN1 Integer Overflow TCP" against your machine was detected and blocked.
Intruder: 86.62.217.124(3477).
Risk Level: High.
Protocol: TCP.
Attacked Port: 139

I would appreciate any help getting rid of this annoying message that keeps popping out like every minute!

Thank you,

Sami


.

Relevant Pages

  • Re: activation key
    ... When Vista was first installed, ... When following the link, one is unaware of the attack taking place on the system that is causing the issue. ... Do a thorough check for malware, following all of the steps at one of these Web pages, including HijackThis. ... Don't ever do a "default" install of anything. ...
    (microsoft.public.windows.vista.general)
  • Re: Time delay problems on full tilt.
    ... mins before the attack. ... As long as you have a hardware firewall/router in place and the firewall ... Also since you're running Vista, try right clicking on the icon and run as ... etc.) until I ran it as administrator. ...
    (rec.gambling.poker)
  • Re: Insert your head
    ... I haven't had much interaction with UAC so I can't respond with your ... you can conduct yourself without attacking the poster. ... Vista be free to post his problem here and expect not to get attacked ... If you go by your logic, then I should attack everyone. ...
    (microsoft.public.windows.vista.general)
  • Re: Insert your head
    ... I haven't had much interaction with UAC so I can't respond with your ... you can conduct yourself without attacking the poster. ... Vista be free to post his problem here and expect not to get attacked ... want and attack anyone you want and if exposed, ...
    (microsoft.public.windows.vista.general)
  • Re: [ANNOUNCE] DigSig 0.2: kernel module for digital signature verification for binaries
    ... possible attack scenarios. ... First digsig can help to avoid the access to the system by the intruder. ... as it aborts the execution of malicious code which often leads to a root ... Third, the intruder now has access to the system, he cannot execute the ...
    (Linux-Kernel)
Quantcast